WO2022218033A1 - 一种数据处理的方法和装置 - Google Patents
一种数据处理的方法和装置 Download PDFInfo
- Publication number
- WO2022218033A1 WO2022218033A1 PCT/CN2022/077282 CN2022077282W WO2022218033A1 WO 2022218033 A1 WO2022218033 A1 WO 2022218033A1 CN 2022077282 W CN2022077282 W CN 2022077282W WO 2022218033 A1 WO2022218033 A1 WO 2022218033A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- data
- computing
- encrypted
- node
- fragments
- Prior art date
Links
- 238000003672 processing method Methods 0.000 title abstract description 8
- 238000000034 method Methods 0.000 claims abstract description 68
- 238000004891 communication Methods 0.000 claims abstract description 64
- 239000012634 fragment Substances 0.000 claims description 187
- 230000006870 function Effects 0.000 claims description 121
- 238000004364 calculation method Methods 0.000 claims description 71
- 238000012545 processing Methods 0.000 claims description 67
- 238000004590 computer program Methods 0.000 claims description 20
- 238000004422 calculation algorithm Methods 0.000 claims description 10
- 238000013461 design Methods 0.000 description 27
- 238000013467 fragmentation Methods 0.000 description 15
- 238000006062 fragmentation reaction Methods 0.000 description 15
- 239000000654 additive Substances 0.000 description 7
- 230000000996 additive effect Effects 0.000 description 7
- 238000010586 diagram Methods 0.000 description 7
- 238000005516 engineering process Methods 0.000 description 7
- 230000000694 effects Effects 0.000 description 5
- 230000008569 process Effects 0.000 description 5
- 230000005540 biological transmission Effects 0.000 description 4
- 238000012549 training Methods 0.000 description 4
- 238000007726 management method Methods 0.000 description 3
- 238000004458 analytical method Methods 0.000 description 2
- 230000006399 behavior Effects 0.000 description 2
- 230000008878 coupling Effects 0.000 description 2
- 238000010168 coupling process Methods 0.000 description 2
- 238000005859 coupling reaction Methods 0.000 description 2
- 238000013500 data storage Methods 0.000 description 2
- 239000000835 fiber Substances 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 239000011159 matrix material Substances 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000011664 signaling Effects 0.000 description 2
- 238000007405 data analysis Methods 0.000 description 1
- 238000013523 data management Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000010801 machine learning Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 238000011084 recovery Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
Definitions
- the present application relates to the field of communication technologies, and in particular, to a data processing method and apparatus.
- Secure multi-party computing is an important technology. This solution can ensure that multiple participating computing parties can complete a specified computing task without revealing the input data of all parties.
- the secure multi-party calculation protocol is adopted, and there is a common problem of too many communication rounds or too much communication volume, resulting in a large time cost to complete all data calculation tasks.
- a data processing method and device are used to realize efficient completion of data processing tasks by multiple computing parties.
- the present application provides a method for data processing.
- the method is described by taking a master node as an example.
- the master node may be one of the multiple computing nodes participating in the calculation, or may be an independent node independent of the multiple computing nodes.
- the steps of the method include: the master node obtains N encrypted privacy data provided by the data provider, and determines corresponding N encrypted random data for the N encrypted privacy data; the N is a positive integer; Each encrypted random data in the N encrypted random data is divided into P first fragments respectively, and each encrypted private data in the N encrypted private data is divided into P second fragments respectively; the P is the number of computing nodes managed by the master node; the master node sends the P first shards in each encrypted random data to the P computing nodes, and encrypts each encrypted privacy
- the P second shards in the data are respectively sent to the P computing nodes, so that each computing node receives N first shards and N second shards; the master node respectively Send a target task to the P computing nodes, where the target task is used to instruct the corresponding computing node to use a preset calculation method to calculate the received first fragment and the second fragment to obtain a target result fragmentation; the master node obtains the target result fragments obtained after the P computing no
- the master node can determine the corresponding number of N encrypted random data according to the N encrypted privacy data provided by the data provider, and the master node can combine the N encrypted privacy data and N encrypted data according to the number P of computing nodes managed by the master node.
- the encrypted random data each encrypted private data and each encrypted random data are divided into P shares, and one fragment of each encrypted private data and one fragment of each encrypted random data are sent to each computing node.
- the master node sends the target task to each computing node, so that each computing node uses a preset calculation method to calculate the received encrypted random data fragment and encrypted private data fragment, and obtain the target result fragment, And the target result data is obtained by sharding according to the target result obtained by each computing node.
- the scheme targets multiple encrypted private data, compared with the existing secure multi-party calculation, this scheme does not need to implement any polynomial calculation through multiple rounds of communication, thereby reducing the number of communication rounds to perform the target task and improving the computing efficiency of data.
- the method further includes: the master node sends the auxiliary data and/or the difference value of any one of the P computing nodes to any one of the P computing nodes; wherein, The auxiliary data of any one of the computing nodes includes: a fragment of any one of the N encrypted random data, a fragment of the product of at least two encrypted random data, and any encrypted random data times.
- a slice of the power; the N difference values of the any one computing node are the N first slices sent by the master node to the any one computing node. Each of the first slices and the corresponding The difference value of the second slice.
- any one of the computing nodes can use the difference value and encrypted random data to replace the encrypted private data, and convert the objective function into a function related to the encrypted random data; further, any one of the computing nodes can use the auxiliary data according to the auxiliary data. , calculate the value of the product of the items of the function of encrypting random data, so that the result value of the function can be effectively obtained. Therefore, when any computing node in this scheme targets multiple encrypted private data and no matter how complex the objective function is, it only needs to perform one round of communication to complete the calculation of the objective function, thereby improving the efficiency of data processing and reducing data processing. required overhead.
- the target result fragmentation may conform to the following functions:
- the value of [f(x 1j ,x 2j , whilx Nj )]_j indicates the target result fragment obtained by the jth computing node, and x ij indicates that the jth computing node obtains the ith encrypted privacy data
- a second slice of , j is a positive integer less than or equal to P, i represents a positive integer less than or equal to N; the coefficients of each equation in f(.) are known; the jth computing node obtains
- the computing party multiplies the N second differences and the coefficients of the function f(.) to obtain each coefficient of the function G(.), and calculates each coefficient of the function G(.).
- the function G(.) is a function related to encrypted random data.
- any computing node can use this formula to effectively obtain the result of the target task. Since the input value of any computing node is substituted into the target function in the form of slices, the final result is The target result shard for any compute node.
- the master node obtains target result data according to the target result fragments obtained after the P computing nodes perform the target task, including: the master node shards the P The target result obtained after each computing node executes the target task is added in pieces to obtain the target result data.
- the master node can use the received target result fragments obtained by the P computing nodes as a new P fragments of encrypted privacy data, which can be directly used in the next calculation of the target task.
- this method can flexibly allocate the encrypted private data involved in each execution of the target task, which can not only ensure the final completion of the target task, but also reduce the time required to perform the target task. Number of communication rounds.
- the present application provides a method for data processing.
- the method is described as being executed by any one of the P computing nodes.
- the steps of the method include: the computing node receives N first fragments sent by the master node, and the N first fragments are divided into N pieces of encrypted random data generated by the master node for each encrypted random data.
- P first fragments are obtained by sending the P first fragments in each encrypted random data to P computing nodes respectively; the P is the number of computing nodes managed by the master node;
- the N is a positive integer; the computing node receives the N second fragments sent by the master node, and the N second fragments are among the N encrypted privacy data provided by the master node to the data provider.
- Each encrypted privacy data is divided into P second fragments, and the P second fragments in each encrypted privacy data are respectively sent to the P computing nodes; the computing nodes receive the The target task sent by the master node, the target task is used to instruct the computing node to use a preset calculation method to calculate the N first fragments and the N second fragments received; the calculation The node uses the preset calculation method to calculate the N first shards and the N second shards to obtain target result shards, and sends the target result shards to the master node.
- any one of the P computing nodes receives one shard of each encrypted private data among the N encrypted private data and one shard of each encrypted private data among the N encrypted random data sent by the master node, Then, the arbitrary computing node receives the target task sent by the master node, and the arbitrary computing node uses a preset computing method to calculate the received encrypted random data fragment and encrypted private data fragment to obtain the target result Fragmentation.
- the scheme targets multiple encrypted private data, compared with the existing secure multi-party calculation, this scheme does not need to implement any polynomial calculation through multiple rounds of communication, thereby reducing the number of communication rounds to perform the target task and improving the computing efficiency of the data.
- the method further includes: acquiring, by the computing node, auxiliary data, the auxiliary data being obtained according to the N first fragments; the computing node using the preset calculation method, calculating the N first fragments and the N second fragments to obtain a calculation result, including: the computing node uses the preset calculation method to calculate the N first fragments The slice, the N second slices, and the auxiliary data are calculated to obtain the target result slice.
- the auxiliary data is obtained by any one of the computing nodes. Since the auxiliary data is obtained from the first fragment of N encrypted random data, in this solution, the master node uses the auxiliary data to Send it to any computing node, so that any computing node can effectively calculate and obtain the target result fragment.
- acquiring, by the computing node, a plurality of auxiliary data includes: receiving, by the computing node, the auxiliary data obtained by computing the N encrypted random data by the master node using a multi-party multiplication protocol algorithm. data; the auxiliary data includes: a fragment of any encrypted random data among the N encrypted random data, a fragment of the product of at least two encrypted random data, and a power of any encrypted random data Fragmentation.
- the auxiliary data can be calculated by the trusted master node using the multi-party multiplication protocol algorithm on the N encrypted random data, and the auxiliary data obtained by any one computing node specifically includes: the N A fragment of any encrypted random data among the encrypted random data, a fragment of the product of at least two encrypted random data, and a fragment of any power of encrypted random data, therefore, any one of the The computing node can use the obtained auxiliary data to ensure that the target result fragment can be effectively calculated, and at the same time, it can also reduce the number of communication rounds required to calculate the target result fragment.
- the computing node calculates the N first shards, the N second shards, and the auxiliary data by using the preset computing manner, to obtain Target result shards, including:
- the computing node determines a difference between each of the N first shards and the corresponding second shard to obtain N first differences; or the computing node receiving a first difference between each of the N first shards and the corresponding second shard determined by the master node;
- the computing node obtains the N first difference values respectively sent by the other P-1 computing nodes, and the N first difference values of any one of the P-1 computing nodes are received by the any computing node.
- the difference between each of the N first shards and the corresponding second shard; or the N first shards of any one of the P-1 computing nodes The difference value is the difference value between each of the first fragments and the corresponding second fragment in the N first fragments received by the arbitrary computing node determined by the master node;
- the computing node superimposes the first difference values from the same encrypted random data and encrypted privacy data in the P*N first difference values to obtain N second difference values; the N second difference values are used to represent The difference between the N encrypted private data and the N encrypted random data; the computing node uses the preset calculation method to calculate the obtained auxiliary data and the N second difference values to obtain the target result fragment.
- any one of the P computing nodes can obtain N first difference values of each computing node in the P computing nodes, and further, according to the P*N first difference values, N second difference values can be obtained.
- the N second differences are differences between the N encrypted private data and the N encrypted random data.
- the arbitrary computing node may use the N second differences and the N encrypted random data to replace the N encrypted private data, and convert the objective function into a function related to the encrypted random data.
- any one of the computing nodes can use the obtained auxiliary data to determine the product value of each item in the function of encrypting random data and add the product value of each item to obtain the result value of the function of encrypting random data.
- the target result fragment conforms to the following function:
- the value of [f(x 1j ,x 2j , whilx Nj )]_j indicates the target result fragment obtained by the jth computing node, and x ij indicates that the jth computing node obtains the ith encrypted privacy data
- a second slice of , j is a positive integer less than or equal to P, i represents a positive integer less than or equal to N; the coefficients of each equation in f(.) are known; the jth computing node obtains
- the computing party multiplies the N second differences and the coefficients of the function f(.) to obtain each coefficient of the function G(.), and calculates each coefficient of the function G(.).
- the function G(.) is a function related to encrypted random data.
- any computing node can use this formula to effectively obtain the result of the target task. Since the input value of any computing node is substituted into the target function in the form of slices, the final result is This means the target result shard for a compute node.
- an embodiment of the present application provides a data processing device, which can be applied to a master node and has the function of implementing the first solution in the first aspect or any possible design of the first aspect.
- this function can be realized by hardware, and can also be realized by executing corresponding software by hardware.
- the hardware or software includes one or more units corresponding to the above-mentioned functions. For example, it includes a communication unit and a processing unit.
- an embodiment of the present application provides a data processing device, which can be applied to any computing node managed by a master node, and has the second aspect above or any possible design of the second aspect above.
- the function of the first solution can be realized by hardware or by executing corresponding software in hardware.
- the hardware or software includes one or more units corresponding to the above-mentioned functions. For example, it includes a communication unit and a processing unit.
- an embodiment of the present application further provides a computer storage medium, where a software program is stored in the storage medium, and when the software program is read and executed by one or more processors, the first aspect or any one of them can be implemented.
- a software program is stored in the storage medium, and when the software program is read and executed by one or more processors, the first aspect or any one of them can be implemented.
- the embodiments of the present application further provide a computer program product including instructions, which, when running on a computer, causes the first aspect or the first solution provided by any of the designs to be executed, or causes the above-mentioned first solution to be executed.
- the first solution provided by the two aspects or any one of the designs is performed.
- an embodiment of the present application provides a chip system, where the chip system includes a processor, which is used to support the vehicle-mounted device to implement the functions involved in the first aspect or implement the functions involved in the third aspect.
- an embodiment of the present application provides a chip system, where the chip system includes a processor for supporting the first roadside device to implement the functions involved in the second aspect above, or implement the functions involved in the fourth aspect above. function.
- the chip system further includes a memory for storing necessary program instructions and data of the communication device.
- the chip system may be composed of chips, or may include chips and other discrete devices.
- an embodiment of the present application further provides a communication system, where the communication system includes a master node for executing the method provided by the first aspect or any of the designs, and each of the multiple computing nodes managed by the master node.
- a computing node is used for executing the method provided by the second aspect or any one of the designs, and a computing node is used to implement the transmission channel between the master node and the computing node managed by the master node, and the multiple computing nodes managed by the master node.
- a transmission channel between computing nodes is provided by the first aspect or any of the designs, and each of the multiple computing nodes managed by the master node.
- FIG. 1A is a schematic diagram of an application scenario provided in an embodiment of the present application.
- FIG. 1B is a schematic diagram of an application scenario provided in an embodiment of the present application.
- 1C is a schematic diagram of an AI inference scenario provided in an embodiment of the application.
- FIG. 2 is a schematic flowchart of a method for providing data processing in an embodiment of the present application
- 3A is a schematic structural diagram of a data processing provided in an embodiment of the application.
- 3B is a schematic structural diagram of another data processing provided in an embodiment of the application.
- FIG. 4 is a schematic structural diagram of a data processing apparatus provided in an embodiment of the present application.
- FIG. 5 is a schematic structural diagram of a data processing device provided in an embodiment of the present application.
- Embodiments of the present application provide a data processing method and apparatus.
- the methods and devices are conceived based on the same or similar technologies. Since the principles of the methods and devices for solving problems are similar, the implementation of the devices and the methods can be referred to each other, and repeated descriptions will not be repeated here.
- SMPC Secure Multi-Party Computation
- Data secret sharing mainly includes Additive Secret Sharing (ASS), Shamir's Secret Sharing (SSS), and secret sharing of XOR operation.
- ASS Additive Secret Sharing
- SSS Shamir's Secret Sharing
- secret sharing of XOR operation secret sharing of XOR operation.
- additive secret sharing assign a 1 , a 2 ,...,an to n participants respectively.
- the secret value a needs to be recovered, all the shards a 1 , a 2 ,...,an need to be collected to recover the secret value a.
- Additive secret sharing can be extended to integer rings, prime fields, matrix rings, finite fields, polynomial residue-like rings, etc.
- f(ID 1 ), f(ID 2 ),...,f(ID n ) are called ShaNir secret shares of secret value a, and each f(IDi) is called a ShaNir secret share shard.
- each f(IDi) is called a ShaNir secret share shard.
- the secret value a is 0 or 1
- a i is 0 or 1
- a a 0 XORa 1
- XOR...XORa k ⁇ a 0 ,a 1 ,..., ak ⁇
- the secret sharing of a set of XOR operations called the secret value a.
- [a] represents the secret share of the secret value a (eg, the shard of encrypted privacy data in this application), which is the set of all shards that contain the secret share of a.
- a_i represents the ith shard of a
- b_i represents the ith shard of b.
- Logical operation The input value is 0 or 1, and the logical operation between input values includes "and", "or”, “not” and “exclusive or”.
- the master node and the computing node involved in the embodiments of the present application may be a connection point, representing a redistribution or a communication endpoint. Communication endpoints, such as some terminal equipment, in-vehicle equipment or roadside equipment, etc.
- the nodes involved in the embodiments of the present application may also be, but are not limited to, physical network nodes, and the physical network nodes are usually source electronic devices connected to the network.
- a physical network node may be a data circuit terminating device such as a modem, hub, bridge or switch.
- the master node has functions of data transmission, data storage, and management of computing nodes.
- the computing node also has the functions of data transmission, data calculation, and data storage.
- the master node can be any one of multiple computing nodes, that is, it can also participate in multi-task collaborative computing with other computing nodes, or it can be an independent node independent of multiple computing nodes.
- the master node and the computing node are not specifically limited. Can include, but is not limited to, physical network nodes in a communication network.
- the master node and the computing node may also be independent management devices and multiple computing devices managed by the management device in the communication system.
- the master node or management device of the present application is credible, and when it receives the data provided by the data provider and the related privacy data, it cannot directly leak it to the outside world or any other computing party.
- [a]_j represents the j-th slice of the secret sharing [a]
- y j does not represent the secret-sharing slice, but represents the j-th input value or encrypted value.
- connection describes the association relationship of the associated objects, indicating that there can be three kinds of relationships, for example, A and/or B can mean that A exists alone, A and B exist simultaneously, and exist independently B these three cases.
- Connection which describes the connection relationship between two objects, can represent two connection relationships, for example, A and B are connected, which can represent: A is directly connected with B, and A is connected through C and B.
- the character "/" generally indicates that the associated objects are an "or" relationship. In this application, at least one refers to one or more; multiple refers to two or more.
- references in this specification to "one embodiment” or “some embodiments” and the like mean that a particular feature, structure, or characteristic described in connection with the embodiment is included in one or more embodiments of the present application.
- the terms “comprising”, “including”, “having” and their variants in this specification all mean “including but not limited to” unless specifically emphasized otherwise.
- FIGS. 1A-1B an application scenario of data processing provided by an embodiment of the present application.
- FIG. 1A there are multiple data providers: enterprises, governments, and individual users, who wish to use data from multiple parties through multiple computations (eg, computing party 1, computing party 2, ... computing party n). Perform analysis and complete the specified target tasks, but the data provider does not want to expose their data privacy while providing the data.
- computing party 1, computing party 2, ... computing party n the data provider does not want to expose their data privacy while providing the data.
- the existing secure multi-party computing scheme it is possible to ensure that the data input by all parties is not leaked, and the data of multiple parties can also be combined to ensure the correct completion of a specified target task.
- AI inference scenario As shown in Figure 1C, on the client side, the user wants to use the AI model stored in the enterprise's server to perform AI inference on his own local pictures. But the AI model is an asset of the enterprise and cannot be sent directly to the user. And users don't want to expose their pictures to companies. Therefore, users and enterprises can use the two-party computing protocol (which belongs to the secure multi-party computing technology) to complete the AI inference task and obtain the final AI inference result while protecting the privacy of the enterprise and the user's respective AI models and images.
- two-party computing protocol which belongs to the secure multi-party computing technology
- this application provides a data processing method.
- the master node obtains N encrypted privacy data provided by the data provider, and determines the corresponding N encrypted random data for the N encrypted privacy data; then, the master node will Each encrypted random data in the N encrypted random data is divided into P first shards, and each encrypted private data in the N encrypted private data is divided into P second shards.
- P first shards in each encrypted random data and P second shards in each encrypted private data are sent to P computing nodes respectively, so that each computing node receives N first shards and N second shards; further, the master node sends a target task to the P computing nodes respectively, and the target task is used to instruct the corresponding computing node to use the preset calculation method to calculate the received first shard and the second shard. , and obtain the target result fragmentation; finally, the master node receives the target result fragmentation obtained by the P computing nodes after executing the target task.
- the method can ensure that the number of communication rounds required to complete the target task is less on the premise of not leaking the data provided by the data provider, so that the target task can be efficiently completed.
- An embodiment of the present application provides a data processing method, and the method is applicable to, but not limited to, the application scenario shown in FIG. 1A .
- FIG. 2 a flowchart of a method for data processing provided by an embodiment of the present application, the method includes the following steps:
- the master node obtains N encrypted private data provided by the data provider, and determines corresponding N encrypted random data for each encrypted private data; N is a positive integer.
- encrypted privacy data is the non-clear text public data provided by the data provider.
- the data provider can be enterprises, governments, users, etc., and is mainly used to provide the actual data required by the target task.
- the complete encrypted privacy data provided by each data provider is only held by each data provider and cannot be leaked, for example, cannot be known by any computing node.
- encrypted privacy data and encrypted random data in this application may be, but not limited to, a specific numerical value.
- the master node may generate M encrypted random data in advance, where M is a positive integer greater than or equal to N.
- the master node may select N encrypted random data from the above-mentioned pre-stored M encrypted random data.
- S202 The master node divides each encrypted random data of the N encrypted random data into P first fragments respectively, and divides each encrypted private data of the N encrypted private data into P second fragments respectively ;
- P is the number of computing nodes managed by the master node.
- the number of computing nodes managed by the master node is two, three encrypted random data a1, a2, and a3 are obtained, and the three encrypted random data are divided, including the following:
- the master node divides a1 into a1_1 and a1_2, where a1_1 is a first fragment of the encrypted random data a1, and a1_2 is another first fragment of the encrypted random data a1.
- the master node divides a2 into a2_1 and a2_2, where a2_1 is a first fragment of the encrypted random data a2, and a2_2 is another first fragment of the encrypted random data a2.
- the master node divides a3 into a3_1 and a3_2, wherein a3_1 is a first fragment of encrypted random data a3, and a3_2 is another first fragment of encrypted random data a3.
- the master node obtains 3 encrypted privacy data b1, b2, b3, and divides the 3 encrypted privacy data, including the following:
- a fragment may be a part of a certain value, or a part of a certain paragraph, or a part of a certain bit data packet, or the like.
- the value of 10 is divided into 2 slices, and the specific manner of dividing the value of 10 into 2 slices is not specifically limited in this application, as long as the sum of the 2 slices is 10.
- the first fragment and the second fragment may be, but are not limited to, 2 and 8, or 3 and 7, or 4 and 6, or 5 and 5.
- the specific method for dividing the passage into two segments is not specifically limited in this application, as long as the two segments are combined into the passage.
- the first shard and the second shard can be, but are not limited to: "this is me” and “the cause I used to love", or "this is what I used to love” and "the cause”.
- the specific manner of dividing the 10-bit data packet into two fragments is not specifically limited in this application, as long as the sum of the number of bits in the two fragments is equal to 10.
- the first fragment and the second fragment can be but are not limited to: 2bit data packets and 8bit data packets, or 3bit data packets and 7bit data packets, or 4bit data packets and 6bit data packets, or 5bit data packets and 5bit data packets .
- S203 The master node sends the P first shards in each encrypted random data to the P computing nodes respectively, and sends the P second shards in each encrypted private data to the P computing nodes respectively , so that each computing node receives N first shards and N second shards.
- the second step is to send a fragment of encrypted privacy data provided by the first data provider to the first, second, third, and fourth computing nodes in turn (the second fragment shard) and a shard (the first shard) of the encrypted random data corresponding to the encrypted privacy data (the shards obtained by each computing node are different).
- Step 3 Send a fragment of encrypted privacy data provided by the second data provider and a fragment of encrypted random data corresponding to the encrypted privacy data to the 1st, 2nd, 3rd, and 4th computing nodes in turn (the first shards) (the shards obtained by each computing node are different).
- the master node sends a first fragment a1_1, a2_1, a3_1 of each encrypted random data to the first computing party, and sends another first fragment of each encrypted random data.
- Slices a1_2, a2_2, a3_2 are sent to the second computing party.
- the master node sends a second fragment b1_1, b2_1, b3_1 of each encrypted private data to the first computing party, and sends another second fragment b1_2, b2_2, b3_2 of each encrypted private data to the second Calculator.
- the first shards of random data obtained by the first computing node are: a1_1, a2_1, a3_1, and the second shards of encrypted privacy data obtained by the first computing node are: b1_1, b2_1, b3_1.
- the first shards of encrypted random data obtained by the second computing node are: a1_2, a2_2, a3_2, and the second shards of encrypted private data obtained by the second computing node are: b1_2, b2_2, b3_2.
- the master node sends the target task to the P computing nodes respectively, the P computing nodes receive the target task sent by the master node, and the target task is used to instruct the corresponding computing node to use a preset computing method to perform the received first fragment and The second shard is calculated to obtain the target result shard.
- the master node sends a target task to the P computing nodes, the target tasks are the same, and the preset calculation method may include, but is not limited to, a specific target formula or target function.
- S205 Any one of the P computing nodes uses a preset computing method to perform computation on the N first fragments and the N second fragments that have been received to obtain the target result fragment.
- the method further includes: the master node uses a multi-party multiplication protocol algorithm to calculate the N pieces of encrypted random data to obtain the first auxiliary data, and the master node calculates each item included in the first auxiliary data The data is divided into P fragments, and then one fragment of each item of data in the first auxiliary data is sent to any one of the P computing nodes.
- Any computing node receives a slice (auxiliary data) of each item of data in the auxiliary data.
- the auxiliary data of any computing node includes: a fragment of any encrypted random data among the N encrypted random data, a fragment of the product of at least two encrypted random data, and a power of any encrypted random data. a shard.
- a trusted master node or a trusted third party can use a multi-party multiplication protocol algorithm to calculate N encrypted random data, and the number of times obtained is less than or All monomials equal to the k degree are used as the first auxiliary data, and the first auxiliary data is divided into 4 parts (taking the number P of computing nodes as 4 as an example) and sent to 4 computing nodes respectively.
- the multi-party multiplication protocol algorithm is used between the four computing nodes to calculate the N encrypted random data, and obtain all the monomials whose times are less than or equal to k times, as the first auxiliary data, Each computing node selects the auxiliary data corresponding to the encrypted random data fragment that it owns from the first auxiliary data.
- k is a positive integer.
- the master node has obtained auxiliary data in advance according to the encrypted random data in the pre-calculation stage, or each computing node has obtained auxiliary data in advance according to the encrypted random data in the pre-calculation stage.
- the pre-calculation stage precedes step S201.
- the master node uses a multi-party multiplication protocol algorithm to calculate N pieces of encrypted random data, and obtains all monomials whose times are less than or equal to k times, as the first auxiliary data.
- the encrypted random data are: a 1 , a 2 , a 3
- the master node uses the multi-party multiplication protocol algorithm to calculate the three encrypted random data to obtain the first auxiliary data including: a 1 , a 2 , a 3 , a 1 a 1 , a 2 a 2 , a 3 a 3 , a 1 a 2 , a 1 a 3 , a 2 a 3 , a 1 a 1 a 1 , a 2 a 2 a 2 , a 3 a 3 , a 1 a 1 a 2 , a 1 a 1 a 3 , a 1 a 2 a 2 , a 2 a 2 a 3 , a 1 a 3 a 3 , a 2 a 3 a 3 , a 1 a 2 a 3 , a 1 a 2 a 3 , a 1 a 3 a 3 , a 2 a 3 a 3 ,
- the auxiliary data received by any one of the P computing nodes is a fragment of each item of data in the above-mentioned first auxiliary data.
- the auxiliary data obtained by the first computing node are: [a 1 ]_1, [a 2 ]_1, [a 3 ]_1, [a 1 a 1 ]_1, [a 2 a 2 ]_1, [a 3 a 3 ]_1, [a 1 a 2 ]_1, [a 1 a 3 ]_1, [a 2 a 3 ]_1, [a 1 a 1 a 1 ]_1, [a 2 a 2 a 2 ]_1, [ a 3 a 3 ]_1, [a 1 a 1 a 2 ]_1, [a 1 a 1 a 3 ]_1, [a 1 a 2 ]_1, [a 1 a 1 a 3 ]_1, [a 1 a 2 a 2 ]_1, [a 2 a 2 a 3 ]_1, [a 1 a 3 ]_1,
- the method before step S205 is performed, the method further includes: obtaining N first difference values by any one of the P computing nodes, which may be obtained in the following manner:
- any one of the P computing nodes determines, according to the N first shards and N second shards received, each of the N first shards and the corresponding first shard. The difference between the two shards is obtained, and N first difference values are obtained.
- the first shard of random data obtained by the first computing node is: [a 1 ]_1, [a 2 ]_1, [a 3 ]_1, and the second shard of encrypted privacy data obtained by the first computing node
- the slices are: [b 1 ]_1, [b 2 ]_1, [b 3 ]_1.
- the three first differences obtained by the first computing node are: [z 1 ]_1, [z 2 ]_1, and [z 3 ]_1.
- [z 1 ]_1 is the difference between the first shard of the encrypted privacy data b 1 received by the first computing node and the second shard of the encrypted random data a 1 received by the first computing node
- [z 2 ]_1 is The difference between the first fragment of encrypted privacy data b 2 received by the first computing node and the second fragment of encrypted random data a 2 received by the first computing node
- [z 3 ]_1 is the encrypted privacy data received by the first computing node The difference between the first fragment of b 3 and the second fragment of the encrypted random data a 3 received by the first computing node.
- any one of the P computing nodes receives the first difference between each of the N first shards determined by the master node and the corresponding second shard.
- [z 1 ]_1, [z 2 ]_1, [z 3 ]_1 are calculated by the master node, and the calculated [z 1 ]_1, [z 2 ]_1, [z 3 ]_1 are calculated. Sent to the corresponding 1st compute node.
- any one of the P computing nodes obtains the N first difference values through the above two methods, it also needs to obtain the N first difference values of each of the other P-1 computing nodes. difference. Specifically, it can be done in the following ways:
- any one of the P computing nodes can transmit the first difference value with other p-1 computing nodes. Any one of the P computing nodes can receive N first difference values respectively sent by each of the other p-1 computing nodes. At the same time, any one of the P computing nodes may also send N first difference values to each of the other p-1 computing nodes. After that, any one of the P computing nodes has P*N first difference values.
- the fourth step the first difference values are transmitted between each computing node, so that each computing node can obtain all the first difference values calculated by each computing node.
- the master node manages three computing nodes: a first computing node Q1, a second computing node Q2, and a third computing node Q3.
- first computing node second computing node
- third computing node are represented by Q1, Q2, and Q3, respectively.
- the three first differences calculated by Q1 are: [z 1 ]_1, [z 2 ]_1, [z 3 ]_1;
- the three first differences calculated by the Q2 computing node are: [z 1 ]_2, [z 2 ]_2, [z 3 ]_2;
- the three first differences calculated by Q3 are: [z 1 ]_3, [z 2 ]_3, [z 3 ]_3.
- Q1 can receive the three first difference values sent by Q2 and the three first difference values sent by Q3. At the same time, Q1 sends the three first differences of Q1 to Q2 and Q3.
- the master node calculates the N first difference values of each of the P computing nodes respectively, and then sends the P*N first difference values to the P computing nodes. After that, any one of the P computing nodes has P*N first difference values.
- the master node calculates three first differences of Q1: [z 1 ]_1, [z 2 ]_1, [z 3 ]_1;
- the master node calculates the three first differences of Q2 respectively: [z 1 ]_2, [z 2 ]_2, [z 3 ]_2;
- the master node separately calculates three first differences of Q3: [z 1 ]_3, [z 2 ]_3, and [z 3 ]_3.
- the master node sends the three first difference values of Q1, the three first difference values of Q2, and the three first difference values of Q3 to Q1, Q2, and Q3. Then, Q1, Q2, and Q3 all obtain the three first differences of Q1, the three first differences of Q2, and the three first differences of Q3.
- any one of the P computing nodes uses a preset calculation method to calculate the N first fragments and N second fragments that have been received, to obtain Fragment the target result, and send the target result fragment to the master node, (as shown in the fifth step in FIG. 3A or FIG. 3B ).
- the specific implementation steps are as follows:
- any one of the P computing nodes superimposes the first difference values from the same encrypted random data and encrypted private data in the received P*N first difference values to obtain N second difference values.
- the N second differences are used to represent the differences between the N encrypted private data and the N encrypted random data.
- the first computing node obtains N encrypted random data a 1 , a 2 ??, a slice of a N is [a 1 ] _1 , [a 2 ] _1 ,... ..,[a N ] _1 , the first computing node obtains N encrypted privacy data b 1 , b 2 ??, a slice of b N is [b 1 ] _1 , [b 2 ] _1 respectively ,...,[b N ] _1 , then the first difference values of N obtained by the first computing node are: [z 1 ] _1 ,[z 2 ] _1 ,...,[z N ] _1 , [z 1 ] _1 , [z 2 ] _1 ,...,[z N ] _1 satisfies the following respectively:
- the N first travel values of the i-th computing node are: [z 1 ] _i ,[z 2 ] _i ,...,[z N ] _i , where i is a positive integer less than or equal to P .
- [z 1 ] _i ,[z 2 ] _i ,...,[z N ] _i satisfies the following respectively:
- the first computing node calculates N second differences, including the following:
- the N*P first difference values obtained by the first computing node include: the N first difference values of the first computing node, the N first difference values of the second computing node, ..., the Pth computing node's N first difference values. N first differences.
- N second difference values are z 1 , z 2 ,...,z N , z 1 respectively ,z 2 ,...,z N respectively satisfy the following formulas:
- the first computing node obtains the three first differences of the first computing node as [z 1 ] _1 , [z 2 ] _1 , and [z 3 ] _1 , and obtains the three first differences of the second computing node For [z 1 ] _2 , [z 2 ] _2 , [z 3 ] _2 , obtain the three first differences of the third computing node as [z 1 ] _3 , [z 2 ] _3 , [z 3 ] _3 .
- the first computing node superimposes the received 3*3 first differences correspondingly to calculate 3 second differences, which are respectively: z 1 , z 2 , and z 3 .
- z 1 [z 1 ] _1 +[z 1 ] _2 +[z 1 ] _3 ;
- z 2 [z 2 ] _1 +[z 2 ] _2 +[z 2 ] _3 ;
- z 3 [z 3 ] _1 +[z 3 ] _2 +[z 3 ] _3 .
- the first difference values [z 1 ] _1 , [z 1 ] _2 , and [z 1 ] _3 are respectively the slices of the second difference value z 1
- the first difference values [z 2 ] _1 , [z 2 ] _2 , [z 2 ] _3 are the slices of the second difference z 2 respectively
- the first difference [z 3 ] _1 , [z 3 ] _2 , [z 3 ] _3 are respectively a fraction of the second difference z 3 piece.
- any one of the P computing nodes uses a preset computing method to obtain the target result fragmentation for the acquired auxiliary data and the N second difference values.
- the target result fragmentation conforms to the following functions:
- the value of [f(x 1j ,x 2j , whilx Nj )]_j indicates the target result fragment obtained by the jth computing node, and x ij indicates that the jth computing node obtains the ith encrypted privacy data
- a second slice of , j is a positive integer less than or equal to P, i represents a positive integer less than or equal to N; the coefficients of each equation in f(.) are known; the jth computing node obtains
- the computing party multiplies the N second differences and the coefficients of the function f(.) to obtain each coefficient of the function G(.), and calculates each coefficient of the function G(.).
- the function G(.) is a function related to encrypted random data.
- the preset calculation method corresponds to the set objective function as follows:
- the N encrypted privacy data or a slice of the N encrypted privacy data can be used as the input value of the N variables x in the objective function. That is, the encrypted privacy data can be represented by the variable x, in which the coefficients in the objective function f(.) are all known.
- the variable y represents the encrypted random data
- any one of the P computing nodes can determine N second difference values z 1 , z 2 , . . . , z N through the above steps.
- the function G( ⁇ ) is a function about the variable y, that is, the function G( ⁇ ) is a function about the encrypted random data.
- any one of the P computing nodes can also be calculated. Therefore, the coefficients of the terms after G(y 1 ,y2,...,y N ) are expanded are also can be calculated.
- the terms of the function G(y 1 ,y2,...,y N ) include: a product of encrypted random data and the coefficients of the function, or a product of at least one encrypted random data and the coefficients of the function , and the product of the power of at least one encrypted random data and the coefficient of the function.
- the multinomial product of the functions G(y 1 ,y2,...,y N ) calculated by any one of the P computing nodes can be found in the auxiliary data obtained by the computing node.
- the multiplied values of the terms found in the data are multiplied by the corresponding coefficients in the function G(y 1 ,y2,...,y N ) to obtain the respective coefficients of the function G(y 1 ,y2,...,y N ).
- the result value of the term is finally added to the result value of the term of the function G(y 1 ,y2,...,y N ) to get the result of the function G(y 1 ,y2,...,y N )
- the result value that is, the result value of the function G(y 1 ,y2,...,y N ) is the target result fragment of the computing node.
- the target result fragment of the computing node is used as a fragment of an encrypted privacy data in the next calculation of the target function.
- ⁇ 1 ⁇ 1 z 1
- ⁇ 2 2 ⁇ 2 z 2
- ⁇ 3 ⁇ 2 z 2 2
- ⁇ 4 2 ⁇ 3z 3
- ⁇ 5 ⁇ 3 z 3 2
- ⁇ 1 , ⁇ 2 , ⁇ 3 , ⁇ 4 , and ⁇ 5 can be calculated.
- G(y 1 ,y 2 ,y 3 ) ⁇ 1 y 1 + ⁇ 1 + ⁇ 2 y 2 2 + ⁇ 2 y 2 + ⁇ 3 + ⁇ 3 y 3 2 + ⁇ 4 y 3 + ⁇ 5
- the first computing node obtains the first shards of encrypted random data, which are: [a 1 ]_1, [a 2 ]_1, [a 3 ]_1
- the auxiliary data acquired by the first computing node includes: a 1 , a 2 2 , a 2 , a 3 2 , and a 3 slices, namely [a 1 ]_1, [a 2 2 ]_1, [a 2 ]_1 , [a 3 2 ]_1, [a 3 ]_1 values.
- the result value of the function f( ⁇ ) is the target result slice.
- the target result fragments obtained by P computing nodes can be expressed as: f( ⁇ )_1, f( ⁇ )_2..., f( ⁇ )_P.
- S206 Any one of the P computing nodes sends the target result fragments obtained after executing the target task to the master node, and the master node receives the target result fragments obtained after the P computing nodes execute the target task.
- the master node obtains the target result data of the N encrypted privacy data according to the target result fragments obtained after the P computing nodes perform the target task.
- the master node determines the target result data of the N encrypted privacy data according to the target result fragments obtained after the P computing nodes perform the target task, which can be achieved in the following but not limited to the following ways:
- the master node adds the target result pieces obtained after the P computing nodes perform the target task, to obtain the target result data of the N encrypted privacy data.
- the master node can use the obtained target result data as a new encrypted privacy data, and can slice the target result obtained after the P computing nodes perform the target task as a new encrypted privacy data of P shards, the new encrypted privacy data is used in the next computation of the target task.
- the encrypted private data are b1, b2, and b3, and the encrypted random data are a1, a2, and a3.
- the P target result fragments obtained by the P computing nodes are: [f(x 1 ,x 2 ,x 3 )]_1, [f(x 1 ,x 2 ,x 3 )]_2...[f(x 1 ,x 2 ,x 3 )]_P, each computing node replaces x 1 ,x 2 ,x 3 in the function with slices of a 1 , a 2 , a 3 . details as follows:
- P-1 computing nodes can obtain the function [f(x 1 ,x 2 ,x 3 )]_2...[f(x 1 ,x 2 ,x 3 ) according to the calculation method of the first computing node ]_P.
- the main node section obtains the target result fragments of P computing nodes, namely [f(x 1 ,x 2 ,x 3 )]_1, [f(x 1 ,x 2 ,x 3 )]_2...[f (x 1 ,x 2 ,x 3 )]_P.
- the master node will [f(x 1 ,x 2 ,x 3 )]_1,[f(x 1 ,x 2 ,x 3 )]_1,[f(x 1 ,x 2 ,x 3 )]_2...[ f(x 1 ,x 2 ,x 3 )]_P as a new encrypted privacy data b 4 P shards.
- b 4 is a complete value, and b 4 can be used as an encrypted privacy data for the next calculation of the target task.
- the master node determines that the encrypted privacy data for the next calculation of the target task are b 4 , b 5 , b 6 , and the corresponding encrypted random data are a 4 , a 5 , a 6 , and the master node and P computing nodes execute the target task In the next calculation of , the specific calculation process is the same as the above steps S201-S206, and details are not repeated here.
- the P target results output by the P computing nodes are the final output of the target task.
- the amount of communication is only related to the amount of encrypted privacy data of the objective function, no matter how complex the objective function is, as long as the encrypted input value of the objective function is fixed, then the amount of communication involved in the phase of calculating the objective function is also fixed (i.e. the calculation phase).
- the amount of communication is related to the amount of encrypted private data for the objective function).
- the master node obtains N encrypted private data provided by the data provider, and determines corresponding N encrypted random data for each encrypted private data; Each encrypted random data in the data is divided into P first shards, and each encrypted private data in the N encrypted private data is divided into P second shards.
- P first shards in the data and P second shards in each encrypted privacy data are sent to P computing nodes respectively, so that each computing node receives N first shards and N second shards sharding; further, the master node sends a target task to the P computing nodes respectively, and the target task is used to instruct the corresponding computing node to use a preset calculation method to calculate the received first shard and the second shard to obtain the target Result fragmentation; finally, the master node receives the target result fragmentation obtained by the P computing nodes after executing the target task.
- the method of the present application can ensure that the number of communication rounds required to complete the target task is less than the number of communication rounds required to complete the target task on the premise of not leaking the data provided by the data provider. less, so that the target task can be completed efficiently.
- a data processing solution based on the above embodiments can also be used in logical operations for processing encrypted privacy data. Specifically, it can be as follows:
- the master node determines that the encrypted privacy data provided by the data provider is all 0 or 1, one shard of each encrypted input is provided to each of the P computing nodes. If any one of the P computing nodes receives the target task from the master node, the target task is used to instruct any one of the P computing nodes to calculate the logical operation (including AND, OR, not, XOR, etc.).
- Any one of the computing nodes can use the operation rule of the binary field (prime number field F2), encrypted privacy data, and encrypted privacy data fragments to perform the above steps S201-S206 to complete the logical operation between encrypted privacy data. Specific reasons:
- the encrypted privacy data and auxiliary data processed in the above steps S201-S206 may come from a certain ring (eg, an integer ring, a matrix ring, a polynomial residual class ring, etc.). Since the prime number field is a special integer ring, the above steps S201-S207 can be performed on the prime number field.
- a certain ring eg, an integer ring, a matrix ring, a polynomial residual class ring, etc.
- the solution of the present application can be transformed into an arithmetic operation task on the prime number field F2 when aiming at the target task of completing a logic operation. Therefore, when the computing node wants to calculate a target task of a logic operation, the computing task of the logic operation can be converted into a polynomial calculation of the secret input value on the prime number field F2, and then only the method of the above-mentioned embodiment of the present application (may be Referring to the above steps S201-S206), the calculation of the logical operation task can be completed.
- the computing node can calculate any logical operation task about encrypted privacy data (all encrypted privacy data are 0 or 1), and can effectively The communication amount and the number of communication rounds involved in the calculation process are reduced, thereby effectively improving the data processing efficiency and saving the overhead caused by the calculation of the system.
- the embodiments of the present application provide a data processing apparatus, which has the behavior function of the master node in the above method embodiments.
- the data processing apparatus may include modules or units corresponding to one-to-one execution of the methods/operations/steps/actions described in the above method embodiments, and the modules or units may be hardware circuits, software, or hardware circuits. Combined with software implementation.
- the device may have a structure as shown in FIG. 4 .
- the data processing apparatus 400 may include a communication unit 401 , a processing unit 402 , and a storage unit 403 , and each unit will be described in detail below.
- a communication unit 401 configured to obtain N encrypted private data provided by a data provider, and determine corresponding N encrypted random data for the N encrypted private data; the N is a positive integer;
- the processing unit 402 is configured to divide each encrypted random data in the N encrypted random data into P first fragments respectively, and divide each encrypted private data in the N encrypted private data into P second shards; the P is the number of computing nodes managed by the master node;
- the communication unit 401 can also be used to send the P first fragments in each encrypted random data to the P computing nodes respectively, and send the P second fragments in each encrypted private data to the P computing nodes respectively. shards, and then send them to the P computing nodes respectively, so that each computing node receives N first shards and N second shards; and sends them to the P computing nodes respectively target task, the target task is used to instruct the corresponding computing node to use the preset calculation method to calculate the received first fragment and the second fragment to obtain the target result fragment; finally, obtain the The target result fragments obtained after the P computing nodes execute the target task;
- the processing unit may also be configured to obtain target result data of the N encrypted privacy data according to the target result fragments obtained after the P computing nodes perform the target task.
- the communication unit 401 is further configured to send the auxiliary data and/or difference value of any one of the P computing nodes to any one of the P computing nodes; wherein, the The auxiliary data of any computing node includes: a fragment of any encrypted random data among the N encrypted random data, a fragment of the product of at least two encrypted random data, and a power of any encrypted random data.
- One shard; the N difference values of the any computing node are the N first shards sent by the master node to the any computing node, each of the first shards and the corresponding The difference value of the second shard.
- the target result slice conforms to the following function:
- the value of [f(x 1j ,x 2j , whilx Nj )]_j indicates the target result fragment obtained by the jth computing node, and x ij indicates that the jth computing node obtains the ith encrypted privacy data
- a second slice of , j is a positive integer less than or equal to P, i represents a positive integer less than or equal to N; the coefficients of each equation in f(.) are known; the jth computing node obtains
- the computing party multiplies the N second differences and the coefficients of the function f(.) to obtain each coefficient of the function G(.), and calculates each coefficient of the function G(.).
- the function G(.) is a function related to encrypted random data.
- the processing unit 402 determines the target result data of the N encrypted privacy data according to the target result fragments obtained after the P computing nodes perform the target task. , which can be specifically used for: adding the target result pieces obtained after the P computing nodes perform the target task, to obtain the target result data of the N encrypted privacy data.
- the storage unit 403 can be used to store data or instructions.
- the embodiment of the present application provides a data processing apparatus, which has the behavior function of the computing node in the above method embodiment.
- the data processing apparatus may include modules or units corresponding to one-to-one execution of the methods/operations/steps/actions described in the above method embodiments, and the modules or units may be hardware circuits, software, or hardware circuits. Combined with software implementation.
- the device may also have the structure shown in FIG. 4 .
- the data processing apparatus 400 may include a communication unit 401 , a processing unit 402 , and a storage unit 403 , and each unit will be described in detail below.
- the communication unit 401 is configured to receive N first fragments sent by the master node, where the N first fragments are divided into P pieces of each encrypted random data in the N encrypted random data generated by the master node
- the first fragment is obtained by sending P first fragments in each encrypted random data to P computing nodes respectively;
- the P is the number of computing nodes managed by the master node;
- the N is a positive integer;
- the processing unit 402 is configured to use the preset calculation method to calculate the N first fragments and the N second fragments to obtain target result fragments, and to fragment the target results sent to the master node.
- the communication unit 401 is further configured to acquire multiple auxiliary data, where the multiple auxiliary data is obtained according to the N first slices;
- the processing unit 402 uses the preset calculation method to calculate the N first shards and the N second shards, and obtains the calculation result, it can be specifically used to use the preset calculation method.
- the calculation method of calculates the N first fragments, the N second fragments, and the auxiliary data to obtain the target result fragment.
- the communication unit 401 when acquiring multiple pieces of auxiliary data, is specifically configured to: firstly receive the multi-party multiplication protocol algorithm used by the master node, and then calculate the N pieces of encrypted random data to obtain The auxiliary data; the auxiliary data includes: a fragment of any encrypted random data among the N encrypted random data, a fragment of the product of at least two encrypted random data, and any one encrypted random data power a slice of .
- the processing unit 402 using the preset calculation method, calculates the N first slices, the N second slices, and the auxiliary data , when the target result fragment is obtained, it can be specifically used to: first, determine the difference between each of the N first fragments and the corresponding second fragment, and obtain N or receive, through the communication unit 401, the difference between each of the first slices and the corresponding second slice among the N first slices determined by the master node first difference;
- the N first difference values respectively sent by the other P-1 computing nodes are obtained through the communication unit 401, and the N first difference values of any one of the P-1 computing nodes are the arbitrary first difference values.
- the N first differences are the differences between each of the N first fragments and the corresponding second fragment among the N first fragments determined by the master node and received by any one of the computing nodes value;
- first difference values from the same encrypted random data and encrypted privacy data in the P*N first difference values are superimposed to obtain N second difference values, and the N second difference values are used to represent all the difference values.
- the obtained auxiliary data and the N second difference values are used to obtain the target result fragment.
- the target result slice conforms to the following function:
- the value of [f(x 1j ,x 2j , whilx Nj )]_j indicates the target result fragment obtained by the jth computing node, and x ij indicates that the jth computing node obtains the ith encrypted privacy data
- a second slice of , j is a positive integer less than or equal to P, i represents a positive integer less than or equal to N; the coefficients of each equation in f(.) are known; the jth computing node obtains
- the computing party multiplies the N second differences and the coefficients of the function f(.) to obtain each coefficient of the function G(.), and calculates each coefficient of the function G(.).
- the function G(.) is a function related to encrypted random data.
- the storage unit 403 can be used to store data or instructions.
- an embodiment of the present application also provides a data processing device used in the present application.
- the data processing device may have a structure as shown in FIG. 5 , and the data processing device may serve as a master node, or may support a master node.
- the data processing device 500 shown in FIG. 5 may include at least one processor 502, the at least one processor 502 is configured to be coupled with the memory 503, and read and execute the instructions in the memory to implement the instructions provided by the embodiments of the present application. The steps involved in the master node in the method.
- the data processing device 500 may further include a communication module 501, and the communication module 501 may be configured to support the data processing device 500 to receive or send signaling or data.
- the communication module 501 in the data processing device 500 can be used to implement the functions of the communication unit 401 of the above-mentioned master node.
- the communication module 501 can be used by the data processing device 500 to perform S203, Steps S204 and S206 are shown.
- the processor 502 can be used to implement the functions of the above-mentioned processing unit 402.
- the processor 502 can be used by the data processing device 500 to perform steps S201 and S202, S207, the shown step.
- the communication module 501 may be coupled to an antenna for supporting the data processing apparatus 500 to communicate.
- the data processing device 500 may further include a memory 503, in which computer programs and instructions are stored, and the memory 503 may be coupled with the processor 502 and/or the communication module 501 to support the processor 502 to call the computer program in the memory 503. , instructions to implement the steps involved in the master node in the method provided by the embodiment of the present application; in addition, the memory 503 may also be used to store the data involved in the method embodiment of the present application, for example, used to store the support communication module 501 necessary to realize interaction data and information.
- an embodiment of the present application also provides a data processing device used in the present application.
- the data processing device may also have a structure as shown in FIG. 5 , and the data processing device may serve as multiple computing nodes managed by the master node. Any one of the nodes may also be a chip or a chip system capable of supporting any one of the computing nodes to implement the above method.
- the data processing device 500 shown in FIG. 5 may include at least one processor 502, the at least one processor 502 is configured to be coupled with the memory 503, and read and execute the instructions in the memory to implement the instructions provided by the embodiments of the present application. The steps involved in computing the node in the method.
- the data processing device 500 may further include a communication module 501, and the communication module 501 may be configured to support the data processing device 500 to receive or send signaling or data.
- the communication module 501 in the data processing device 500 can be used to implement the functions of the communication unit 401 of the above computing node.
- the communication module 501 can be used by the data processing device 500 to execute S203, Steps S204 and S206 are shown.
- the processor 502 can be used to implement the functions of the processing unit 402 of the above computing node.
- the processor 502 can be used by the data processing device 500 to execute S205 in the data processing method shown in FIG. 2 . , the steps shown.
- the communication module 501 may be coupled to an antenna for supporting the data processing apparatus 500 to communicate.
- the data processing device 500 may further include a memory 503, in which computer programs and instructions are stored, and the memory 503 may be coupled with the processor 502 and/or the communication module 501 to support the processor 502 to call the computer program in the memory 503. , instructions to implement the steps involved in the master node in the method provided by the embodiment of the present application; in addition, the memory 503 may also be used to store the data involved in the method embodiment of the present application, for example, used to store the support communication module 501 necessary to realize interaction data and information.
- the coupling in the embodiments of the present application is an indirect coupling or communication connection between devices, units or modules, which may be in electrical, mechanical or other forms, and is used for information exchange between units or modules.
- the connection medium between the communication module, the processor, and the memory is not limited in the embodiments of the present application.
- the communication module 501, the processor 502, and the memory 503 in FIG. 5 may be connected through a bus 504, and the bus may be divided into an address bus, a data bus, a control bus, and the like.
- the division of modules in the embodiments of the present application is schematic, and is only a logical function division. In actual implementation, there may be other division methods.
- the functional modules in the various embodiments of the present application may be integrated into one processing unit. In the device, it can also exist physically alone, or two or more modules can be integrated into one module.
- the above-mentioned integrated modules can be implemented in the form of hardware, and can also be implemented in the form of software function modules.
- An embodiment of the present application provides a computer-readable storage medium storing a computer program, where the computer program includes instructions for executing the foregoing method embodiments.
- the embodiments of the present application provide a computer program product containing instructions, which, when executed on a computer, cause the computer to execute the above method embodiments.
- Computer-readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one place to another.
- a storage medium can be any available medium that a computer can access.
- computer readable media may include RAN, RON, electrically erasable programmable read only memory (electrically erasable prograNNable read only NeNory, EEPRON), coNpact disc read-Only NeNory, CD- RON) or other optical disk storage, magnetic disk storage media, or other magnetic storage devices, or any other medium that can be used to carry or store the desired program code in the form of instructions or data structures and that can be accessed by a computer. also. Any connection can be appropriately made into a computer-readable medium.
- disks and discs include compact discs (coNpact discs, CDs), laser discs, optical discs, digital video discs (DVDs), floppy disks, and Blu-ray discs, wherein Disks usually reproduce data magnetically, while discs use lasers to reproduce data optically. Combinations of the above should also be included within the scope of computer-readable media.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Bioethics (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Medical Informatics (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
Abstract
一种数据处理的方法和装置,该方法,包括:主节点获取N个加密隐私数据并确定N个加密随机数据;主节点将每个加密随机数据和每个加密隐私数据分别划分成P个第一分片和P个第二分片,再将每个加密随机数据中的P个第一分片和每个加密隐私数据中的P个第二分片分别发送给P个计算节点,每个计算节点接收N个第一分片和N个第二分片;主节点分别向P个计算节点发送目标任务,使得P个计算节点使用预设的计算方式对接收的第一分片和第二分片进行计算,得到目标结果分片;主节点根据接收的P个计算节点的目标结果分片,确定目标结果数据。该方法可保证在不泄露加密隐私数据下,使得完成目标任务所需要的通信轮数较少,从而可以高效完成目标任务。
Description
相关申请的交叉引用
本申请要求在2021年04月13日提交中国专利局、申请号为202110396616.5、申请名称为“一种数据处理的方法和装置”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。
本申请涉及通信技术领域,尤其涉及一种数据处理的方法和装置。
随着互联网技术的快速发展,数据的共享和数据的隐私保护已受到工业界和学术界的高度关注。例如企业需要获取多方用户提供的数据,进行数据统计和分析,然而企业或用户并不希望因此暴露自身的个人隐私和商业隐私。因此,多个计算方需要在保护各方数据的隐私的同时,还可以联合使用多方提供的数据,计算出最终输出的结果。
安全多方计算是一个重要技术,该方案可以在保证不泄露各方输入数据的情况下,多个参与的计算方能够完成某个指定的计算任务。然而,针对较大任务量的数据计算,采用安全多方计算协议,普遍存在通信轮数过多或通信量过大的问题,从而造成完成所有数据计算任务所需要的时间开销较大。
发明内容
一种数据处理的方法和装置,用于实现多个计算方高效的完成数据处理任务。
第一方面,本申请实施提供一种数据处理的方法,在本申请中,以由主节点执行该方法为例进行描述。主节点可以是参与计算的多个计算节点中的一个节点,也可以是独立于多个计算节点之外的一个独立节点。该方法的步骤包括:主节点获取数据提供方提供的N个加密隐私数据,并为N个加密隐私数据确定对应的N个加密随机数据;所述N为正整数;所述主节点将所述N个加密随机数据中的每个加密随机数据分别划分成P个第一分片,并将所述N个加密隐私数据中的每个加密隐私数据分别划分成P个第二分片;所述P为所述主节点管理的计算节点的数量;所述主节点将所述每个加密随机数据中的P个第一分片,分别发送给P个计算节点,并将所述每个加密隐私数据中的P个第二分片,分别发送给所述P个计算节点,使得每个计算节点接收到N个所述第一分片和N个所述第二分片;所述主节点分别向所述P个计算节点发送目标任务,所述目标任务用于指示对应的计算节点使用预设的计算方式对接收的所述第一分片和所述第二分片进行计算,得到目标结果分片;所述主节点获取所述P个计算节点执行所述目标任务后得到的所述目标结果分片;所述主节点根据所述P个计算节点执行所述目标任务后得到的所述目标结果分片,得到目标结果数据。
通过该设计,主节点可以根据数据提供方提供的N个加密隐私数据,同时确定相应数量的N个加密随机数据,主节点根据管理的计算节点的个数P,将N个加密隐私数据和N 个加密随机数据中每个加密隐私数据和每个加密随机数据均分成P份,将每个加密隐私数据的一个分片和每个加密随机数据的一个分片发送给每个计算节点。然后,主节点将目标任务发送给每个计算节点,使得每个计算节点使用预设的计算方式对接收的加密随机数据的分片和加密隐私数据的分片进行计算,得到目标结果分片,并根据每个计算节点得到的目标结果分片得到目标结果数据。该方案针对多个加密隐私数据时,相比采用现有安全多方计算,该方案无需通过多轮通信实现任意多项式计算,从而可减少了执行目标任务的通信轮数,可提高数据的计算效率。
在一种可能的实施方式中,所述方法还包括:所述主节点向所述P个计算节点中的任意一个计算节点发送所述任意一个计算节点的辅助数据和/或差值;其中,所述任意一个计算节点的辅助数据中包括:所述N个加密随机数据中任意一个加密随机数据的一个分片和至少两个加密随机数据之间乘积的一个分片以及任意一个加密随机数据次幂的一个分片;所述任意一个计算节点的N个差值为所述主节点发送给所述任意一个计算节点的所述N个第一分片中每个所述第一分片和对应的所述第二分片的差值。
通过该设计,所述任意一个计算节点可以使用差值和加密随机数据代替加密隐私数据,将目标函数转成为关于加密随机数据的函数;进一步的,所述任意一个计算节点可以根据所述辅助数据,计算出加密随机数据的函数的各项乘积的值,从而可以有效得到该函数的结果值。因此,该方案中任意一个计算节点针对多个加密隐私数据且无论目标函数多复杂时,仅需要执行一轮通信即可完成目标函数的计算,从而可提高数据处理的效率,也减少了数据处理所需的开销。
在一种可能的实施方式中,所述目标结果分片可以符合以下函数:
[f(x
1j,x
2j,......x
Nj)]_j
[f(x
1j,x
2j,......x
Nj)]_j的值表示第j个计算节点得到的目标结果分片,x
ij表示第j个计算节点获取第i个加密隐私数据的一个第二分片,j为小于或等于P的正整数,i表示小于或等于N的正整数;f(.)中各项式的系数均已知;所述第j个计算节点得到的目标结果分片由所述计算方将所述N个第二差值和函数f(.)的系数相乘得到函数G(.)的每个系数,并将函数G(.)的每个系数与所述辅助数据中对应的分片相乘得到多项乘积后,再将所述多项乘积相加得到的;所述函数G(.)为关于加密随机数据的函数。
通过该设计,所述任意一个计算节点使用该公式,可以有效的得到目标任务的结果,由于所述任意一个计算节点以输入值为分片形式代入该目标函数中,因此,最后得到的结果为任意一个计算节点的目标结果分片。
在一种可能的实施方式中,所述主节点根据所述P个计算节点执行所述目标任务后得到的所述目标结果分片,得到目标结果数据,包括:所述主节点将所述P个计算节点执行所述目标任务后得到的所述目标结果分片相加,得到所述目标结果数据。
通过该设计,主节点可以将接收到的P个计算节点得到的目标结果分片作为一个新的加密隐私数据的P个分片,可以直接用于目标任务的下一次计算中。显然可知,在目标任务中涉及的加密隐私数据较多时,采用这种方式可以灵活的分配每次执行目标任务所涉及的加密隐私数据,既可保证最终完成目标任务,也可减少执行目标任务的通信轮数。
第二方面,本申请实施提供一种数据处理的方法,在本申请中,以由P个计算节点中任意一个计算节点执行该方法进行描述。该方法的步骤包括:计算节点接收主节点发送的N个第一分片,所述N个第一分片为所述主节点对生成的N个加密随机数据中的每个加密随机数据划分成P个第一分片,并将所述每个加密随机数据中的P个第一分片分别发送给 P个计算节点得到的;所述P为所述主节点管理的计算节点的数量;所述N为正整数;所述计算节点接收所述主节点发送的N个第二分片,所述N个第二分片为所述主节点对数据提供方提供的N个加密隐私数据中的每个加密隐私数据划分成P个第二分片,并将所述每个加密隐私数据中的P个第二分片分别发送给所述P个计算节点得到的;所述计算节点接收所述主节点发送的目标任务,所述目标任务用于指示所述计算节点使用预设的计算方式对接收的所述N个第一分片和所述N个第二分片进行计算;所述计算节点使用所述预设的计算方式,对所述N个第一分片和所述N个第二分片进行计算,得到目标结果分片,并将所述目标结果分片发送给所述主节点。
通过该设计,P个计算节点中任意一个计算节点接收主节点发送的N个加密隐私数据中每个加密隐私数据的一个分片和N个加密随机数据中每个加密隐私数据的一个分片,然后,所述任意一个计算节点接收主节点发送的目标任务,所述任意一个计算节点使用预设的计算方式对接收的加密随机数据的分片和加密隐私数据的分片进行计算,得到目标结果分片。该方案针对多个加密隐私数据时,相比采用现有安全多方计算,该方案无需通过多轮通信实现任意多项式计算,从而可减少执行目标任务的通信轮数,可提高数据的计算效率。
在一种可能的实施方式中,所述方法还包括:所述计算节点获取辅助数据,所述辅助数据根据所述N个第一分片得到的;所述计算节点使用所述预设的计算方式,对所述N个第一分片和所述N个第二分片进行计算,得到计算结果,包括:所述计算节点使用所述预设的计算方式,对所述N个第一分片和所述N个第二分片,以及所述辅助数据进行计算,得到目标结果分片。
通过该设计,所述任意一个计算节点获取到所述辅助数据,由于所述辅助数据是根据N个加密随机数据的第一分片得到的,因此,该方案中,主节点将所述辅助数据发送给任意一个计算节点,使得所述任意一个计算节点可以有效的计算得到目标结果分片。
在一种可能的实施方式中,所述计算节点获取多个辅助数据,包括:所述计算节点接收由所述主节点使用多方乘法协议算法,对所述N个加密随机数据进行计算得到的辅助数据;所述辅助数据中包括:所述N个加密随机数据中任意一个加密随机数据的一个分片和至少两个加密随机数据之间乘积的一个分片以及任意一个加密随机数据次幂的一个分片。
通过该设计,辅助数据可以由可信的主节点使用多方乘法协议算法,对所述N个加密随机数据进行计算得到的,所述任意一个计算节点获取到的该辅助数据具体包括:所述N个加密随机数据中任意一个加密随机数据的一个分片和至少两个加密随机数据之间乘积的一个分片以及任意一个加密随机数据次幂的一个分片,因此,该方案中所述任意一个计算节点可以借助获取的辅助数据,保证有效的计算得到目标结果分片,同时也可减少计算目标结果分片所需的通信轮数。
在一种可能的实施方式中,所述计算节点使用所述预设的计算方式,对所述N个第一分片和所述N个第二分片,以及所述辅助数据进行计算,得到目标结果分片,包括:
所述计算节点确定所述N个第一分片中每个所述第一分片和对应的所述第二分片之间的差值,得到N个第一差值;或者所述计算节点接收由所述主节点确定的所述N个第一分片中每个所述第一分片和对应的所述第二分片之间的第一差值;
所述计算节点获取其它P-1个计算节点分别发送的N个第一差值,所述P-1个计算节点中任意一个计算节点的N个第一差值为所述任意一个计算节点接收的所述N个第一分片 中每个所述第一分片和对应的所述第二分片的差值;或者所述P-1个计算节点中任意一个计算节点的N个第一差值为所述主节点确定的所述任意一个计算节点接收到的所述N个第一分片中每个所述第一分片和对应的所述第二分片的差值;
所述计算节点将P*N个第一差值中来自相同加密随机数据和加密隐私数据的第一差值进行叠加,得到N个第二差值;所述N个第二差值用于表示所述N个加密隐私数据与所述N个加密随机数据之间的差值;所述计算节点使用所述预设的计算方式,对获取的所述辅助数据和所述N个第二差值,得到所述目标结果分片。
通过该设计,P个计算节点中任意一个计算节点,获取P个计算节点中每个计算节点的N个第一差值,进一步可以根据P*N个第一差值,得到N个第二差值,该N个第二差值为所述N个加密隐私数据与所述N个加密随机数据之间的差值。所述任意一个计算节点可以使用所述N个第二差值和N个加密随机数据代替N个加密隐私数据,将目标函数转成为关于加密随机数据的函数。进一步,所述任意一个计算节点可以借助获取的所述辅助数据,确定加密随机数据的函数中各项的乘积值并相加各项的乘积值,得到加密随机数据的函数的结果值,将该加密随机数据的函数的结果值作为该计算节点的目标结果分片。显然该方案中任意一个计算节点针对多个加密隐私数据且无论目标函数多复杂时,仅需要执行一轮通信即可完成目标函数的计算,从而可提高数据处理的效率,也可减少数据处理所需的开销。
在一种可能的实施方式中,所述目标结果分片符合以下函数:
[f(x
1j,x
2j,......x
Nj)]_j
[f(x
1j,x
2j,......x
Nj)]_j的值表示第j个计算节点得到的目标结果分片,x
ij表示第j个计算节点获取第i个加密隐私数据的一个第二分片,j为小于或等于P的正整数,i表示小于或等于N的正整数;f(.)中各项式的系数均已知;所述第j个计算节点得到的目标结果分片由所述计算方将所述N个第二差值和函数f(.)的系数相乘得到函数G(.)的每个系数,并将函数G(.)的每个系数与所述辅助数据中对应的分片相乘得到多项乘积后,再将所述多项乘积相加得到的;所述函数G(.)为关于加密随机数据的函数。
通过该设计,所述任意一个计算节点使用该公式,可以有效的得到目标任务的结果,由于所述任意一个计算节点以输入值为分片形式代入该目标函数中,因此,最后得到的结果为该意一个计算节点的目标结果分片。
第三方面,本申请实施例提供了一种数据处理的装置,该装置可应用于主节点,具有实现上述第一方面或上述第一方面的任意一种可能的设计中第一种方案的功能,该功能可以通过硬件实现,也可以通过硬件执行相应的软件实现。该硬件或软件包括一个或多个与上述功能相对应的单元。比如包括通信单元和处理单元。
第四方面,本申请实施例提供了一种数据处理的装置,该装置可应用于由主节点管理的任意一个计算节点,具有实现上述第二方面或上述第二方面的任意一种可能的设计中第一种方案的功能,该功能可以通过硬件实现,也可以通过硬件执行相应的软件实现。该硬件或软件包括一个或多个与上述功能相对应的单元。比如包括通信单元和处理单元。
第五方面,本申请实施例中还提供一种计算机存储介质,该存储介质中存储软件程序,该软件程序在被一个或多个处理器读取并执行时可实现第一方面或其中任意一种设计提供的第一种方案,或者可实现第二方面或其中任意一种设计提供的第一种方案。
第六方面,本申请实施例还提供一种包含指令的计算机程序产品,当其在计算机上运行时,使得上述第一方面或其中任一种设计提供的第一方案被执行,或者使得上述第二方 面或其中任一种设计提供的第一方案被执行。
第七方面,本申请实施例提供了一种芯片系统,该芯片系统包括处理器,用于支持车载设备实现上述第一方面中所涉及的功能,或者实现上述第三方面中所涉及的功能。
第八方面,本申请实施例提供了一种芯片系统,该芯片系统包括处理器,用于支持第一路侧设备实现上述第二方面中所涉及的功能,或者实现上述第四方面中所涉及的功能。
在一种可能的设计中,所述芯片系统还包括存储器,所述存储器,用于保存通信装置必要的程序指令和数据。该芯片系统,可以由芯片构成,也可以包含芯片和其他分立器件。
第九方面,本申请实施例还提供一种通信系统,该通信系统包括用于执行上述第一方面或其中任一种设计提供的方法的主节点,和主节点管理的多个计算节点中每个计算节点用于执行上述第二方面或其中任一种设计提供的方法的计算节点,和用于实现所述主节点和主节点管理的计算节点之间的传输信道,以及主节点管理的多个计算节点之间的传输信道。
上述第三方面和第三方面中可以达到的技术效果,可以参照上述第一方面或第一方面中任意一种设计可以达到的技术效果说明;上述第四方面和第四方面中可以达到的技术效果,可以参照上述第二方面或第二方面中任意一种设计可以达到的技术效果说明,这里不再重复赘述。
图1A为本申请实施例中提供的一种应用场景示意图;
图1B为本申请实施例中提供的一种应用场景示意图;
图1C为本申请实施例中提供的一种AI推理场景的示意图;
图2为本申请实施例中提供一种数据处理的方法的流程示意图;
图3A为本申请实施例中提供的一种数据处理的结构示意图;
图3B为本申请实施例中提供的另一种数据处理的结构示意图;
图4为本申请实施例中提供的一种数据处理装置的结构示意图;
图5为本申请实施例中提供的一种数据处理设备的结构示意图。
本申请实施例提供一种数据处理的方法和装置。其中,方法和装置是基于相同或相似技术构思的,由于方法及装置解决问题的原理相似,因此装置与方法的实施可以相互参见,重复之处不再赘述。
以下,首先对本申请实施例中的部分用语进行解释说明,以便于本领域技术人员理解。
1)、本申请实施例中涉及的安全多方计算(Secure Multi-Party Computation,SMPC):n个计算方在不泄露各自输入值的情况下,完成与各方输入值有关的某个指定函数的计算,并保证结果的正确性。
2)、本申请实施例中涉及的辅助数据,属于数据秘密分享。数据秘密分享主要包括加法秘密分享(Additive Secret Sharing,ASS)、Shamir秘密分享(Shamir’s Secret Sharing,SSS)、异或运算的秘密分享。
加法秘密分享(ASS):对于加法群G,秘密值a属于G,并在G上选取随机数据a
1,a
2,…, a
n-1,并计算an=a–(a
1+a
2+…+a
n-1),则{a
1,a
2,…,a
n}是秘密值a的一组加法秘密分享,满足a=a
1+a
2+…+a
n,且每一个ai被称为秘密值a的秘密分享的分片。在使用加法秘密分享时,把a
1,a
2,…,a
n分别分配给n个参与方。当需要恢复出秘密值a时,需要收集所有分片a
1,a
2,…,a
n,才能恢复处秘密值a。
加法秘密分享可以扩展到整数环、素数域、矩阵环、有限域、多项式剩余类环等。
Shamir秘密分享(SSS):对于秘密值a,随机选取t-1个随机数据a
t-1,a
t-2,…,a
1,构造多项式f(x)=b
t-1x
t-1+b
t-2x
t-2+…+b
1x+a,其中a为f(x)的常数项。设有n个参与方,他们的ID分别是ID
1,ID
2,…,ID
n,计算f(ID1),f(ID2),…,f(IDn),将f(IDi)分发给第i个参与方。f(ID
1),f(ID
2),…,f(ID
n)被称为秘密值a的ShaNir秘密分享,每个f(IDi)被称为一个ShaNir秘密分享的分片。当需要恢复秘密值a时,必须收集到至少t个分片,才可会恢复处秘密值a。恢复过程如下:
不妨设收集到的分片为f(ID
1),f(ID
2),...,f(ID
t)。利用拉格朗日插值公式可以恢复处多项式f(x),之后f(0)就是秘密值a。
异或运算的秘密分享:秘密值a为0或1,a
i为0或1,如果a=a
0XORa
1XOR...XORa
k,{a
0,a
1,...,a
k}被称为秘密值a的一组异或运算的秘密分享。
[a]:表示秘密值a的秘密分享(例如本申请中的加密隐私数据的分片),其是包含a的秘密分享的所有分片的集合。这种表示秘密分享的方法可以应用于“加法秘密分享”、“Shamir秘密分享”或“异或运算的秘密分享”。例如,如果a=a
1+a
2+...+a
n,则[a]={a
1,a
2,...,a
n};如果f(x)=b
t-1x
t-1+b
t-2x
t-2+...+b
1x+a,则[a]={f(ID
1),f(ID
2),...,f(ID
n)};如果a=a
0XORa
1XOR...XORa
k,则[a]={a
0,a
1,...,a
k}。
3)、本申请实施例中涉及的多方乘法协议:t个计算方P
1,P
2,...,P
t执行多方乘法协议,P
i的输入{a_i,b_i}执行乘法协议,每个计算方P
i得到输出c_i,满足:
c_1+c_2+...+c_t=(a_1+a_2+...+a_t)*(b_1+b_2+...+b_t)
其中,a_i表示a的第i个分片,b_i表示b的第i个分片。
整数环ZN上的算术运算:a,b属于ZN,a+b=a+b(Nod N),a*b=a*b(Nod N)。
素数域Fq上的算术运算:a,b属于ZN,a+b=a+b(Nod q),a*b=a*b(Nod q)。对于任意Fq上的非零元素c,那么Fq上必然存在一个元素d,满足c*d=1,那么“a除以c”可以通过“a*d(Nod q)”得出。
逻辑运算:输入值是0或1,输入值之间的逻辑运算包含“与”、“或”、“非”和“异或”等。
4)、本申请实施例中涉及的主节点和计算节点,可以为一个连接点,表示一个再分发或一个通信端点。通信端点,比如一些终端设备、车载设备或路侧设备等。本申请实施例涉及的节点,还可以但不限于为物理网络节点,物理网络节点通常为连接到网络的由源电子设备。例如,物理网络节点可以是数据电路端接设备,如调制解调器,集线器、桥接器或交换器。
在本申请实施例中,主节点具有数据传输、数据存储、以及管理计算节点的功能。计算节点也具有数据传输、数据计算、数据存储的功能。主节点可以为多个计算节点中的任意一个节点,即也可以和其他计算节点参与多任务的协同计算,也可以为独立于多个计算 节点之外的一个独立节点。
本申请实施例中,对主节点和计算节点不做具体限定。可以包括但不限于通信网络中的物理网络节点。例如主节点和计算节点还可以为通信系统中相互独立的管理设备和由管理设备管理的多个计算设备。
应理解,本申请的主节点或管理设备为可信的,它接收到数据提供方提供的数据,以及相关隐私数据时,不能直接向外界或任何其它计算方泄露。
需要说明的是,本申请实施例中,[a]_j表示秘密分享[a]的第j个分片,y
j不表示秘密分享的分片,而是表示第j个输入值或加密值。
本申请实施例的描述中,“和/或”描述关联对象的关联关系,表示可以存在三种关系,例如,A和/或B,可以表示:单独存在A,同时存在A和B,单独存在B这三种情况。“连接”,描述两个对象的连接关系,可以表示两种连接关系,例如,A和B连接,可以表示:A与B直接连接,A通过C和B连接这两种情况。
字符“/”一般表示前后关联对象是一种“或”的关系。本申请中所涉及的至少一个是指一个或多个;多个,是指两个或两个以上。
另外,需要理解的是,在本申请的描述中,“第一”、“第二”、“第三”等词汇,仅用于区分描述的目的,而不能理解为指示或暗示相对重要性,也不能理解为指示或暗示顺序。
在本说明书中描述的参考“一种实施方式”或“一些实施方式”等意味着在本申请的一个或多个实施方式中包括结合该实施例描述的特定特征、结构或特点。由此,在本说明书中术语“包括”、“包含”、“具有”及它们的变形都意味着“包括但不限于”,除非是以其他方式另外特别强调。
下面对本申请实施例的应用场景进行介绍。如图1A-1B所示,为本申请实施例提供的一种数据处理的应用场景。
参考图1A所示,多个数据提供方:企业、政府,以及用户个人,他们希望通过多个计算(例如计算方1、计算方2......计算方n),使用多方的数据进行分析并完成指定的目标任务,但是数据提供方在提供数据的同时,又不想暴露自己的数据隐私。在现有的安全多方计算方案中,可以实现保证不泄漏各方输入的数据的情况下,还可以联合多方的数据,保证正确的完成某个指定的目标任务。
现有的安全多方计算方法,广泛应用于大数据分析、AI训练和AI推理中。例如,基于安全多方计算的机器学习,能够在保护各方数据集的情况下,联合训练模型;基于安全多方计算的AI推理,可以在保护服务方的模型和客户方的数据情况下,完成推理任务;基于安全多方计算的密码算法,能够在不暴露密钥的情况下完成对数据的加密和解密等。因此,安全多方计算将会对数据的共享与公用提供有力支撑,保障各方的隐私。安全多方计算。
1)、AI训练的场景:多家企业各自持有来自各自业务的数据集,如图1B所示,企业的服务器1、服务器2......服务器n对应存储相应的数据集1、数据集2......数据集n。如果这些企业希望使用他们服务器中存储的数据集进行联合训练,得到精度比较高的AI模型。然而,在实际情况下,各企业的数据集都是商业机密,不能对外暴露。因此,这种情况下,使用多方计算的方案,可以保证在不暴露各个企业数据集隐私的情况下,利用全部数据集,完成联合的AI训练,最终得到AI模型。
2)、AI推理场景:如图1C所示,在客户端,用户想使用企业的服务器中存储的AI 模型,对自己本地图片进行AI推理。但是AI模型是企业的资产,不能直接发送给用户。并且用户也不希望向企业暴露自己的图片。因此,用户和企业可以利用两方计算协议(属于安全多方计算技术),在保护企业和用户各自的AI模型和图片的隐私情况下,完成AI推理任务,得到最终的AI推理结果。
然而,当计算任务比较复杂时,采用现有的安全多方计算方案中,随着目标任务对应的设定目标函数的乘法阶数越高,通信的轮数越多或通信量越大的问题。因此,当计算任务较为复杂,采用现有安全多方计算方案完成所有计算任务的时间开销也较大。
因此,本申请提供了一种数据处理的方法,首先,主节点获取数据提供方提供的N个加密隐私数据,并为N个加密隐私数据确定对应的N个加密随机数据;然后,主节点将N个加密随机数据中的每个加密随机数据分别划分成P个第一分片,并将N个加密隐私数据中的每个加密隐私数据分别划分成P个第二分片,主节点再将每个加密随机数据中的P个第一分片和每个加密隐私数据中的P个第二分片,分别发送给P个计算节点,使得每个计算节点接收到N个第一分片和N个第二分片;进一步主节点分别向P个计算节点发送目标任务,该目标任务用于指示对应的计算节点使用预设的计算方式对接收的第一分片和第二分片进行计算,得到目标结果分片;最后主节点分别接收P个计算节点执行该目标任务后得到的目标结果分片。该方法可以保证在不泄露数据提供方提供的数据前提下,使得完成目标任务所需要的通信轮数较少,从而可以高效完成目标任务。
本申请实施例提供一种数据处理的方法,该方法可适用于但不限于如图1A所示的应用场景。参阅图2所示,为本申请实施例提供的一种数据处理的方法流程图,该方法包括如下步骤:
S201:主节点获取数据提供方提供的N个加密隐私数据,并为每个加密隐私数据确定对应的N个加密随机数据;N为正整数。
其中,加密隐私数据为数据提供方提供的非明文公开数据,数据提供方可以为企业、政府、用户等,主要用于提供目标任务所需要的实际数据。各数据提供方提供的完整加密隐私数据仅为各数据提供方自身所持有,不能被泄露,例如不能被任何计算节点知道。
应理解,本申请中的加密隐私数据和加密随机数据可以但不限于为具体的某个数值。
可选的,主节点获取数据提供方提供的N个加密隐私数据之前,可以预先生成M个加密随机数据,M为大于或等于N的正整数。主节点在获取数据提供方提供的N的加密隐私数据时,可以从上述预先存储的M个加密随机之中,选取N个加密随机数据。
S202:主节点将N个加密随机数据中的每个加密随机数据分别划分成P个第一分片,并将N个加密隐私数据中的每个加密隐私数据分别划分成P个第二分片;P为所述主节点管理的计算节点的数量。
示例性的,主节点管理的计算节点数量为2个,获取3个加密随机数据a1、a2、a3,对3个加密随机数据进行划分,包括以下:
主节点将a1划分成a1_1和a1_2,其中,a1_1为加密随机数据a1的一个第一分片,a1_2为加密随机数据a1的另外一个第一分片。主节点将a2划分成a2_1和a2_2,其中,a2_1为加密随机数据a2的一个第一分片,a2_2为加密随机数据a2的另外一个第一分片。主节点将a3划分成a3_1和a3_2,其中,a3_1为加密随机数据a3的一个第一分片,a3_2为加密随机数据a3的另外一个第一分片。
主节点获取3个加密隐私数据b1、b2、b3,对3个加密隐私数据进行划分,包括以下:
将b1划分成b1_1和b1_2,其中,b1_1为加密隐私数据b1的一个第二分片,b1_2为加密随机数据b1的另外一个第一分片。将b2划分成b2_1和b2_2,其中,b2_1为加密隐私数据b2的一个第二分片,b2_2为加密隐私数据b2的另外一个第二分片。将b3划分成b3_1和b3_2,其中,b3_1为加密隐私数据b3的一个第二分片,b3_2为加密隐私数据b3的另外一个第二分片。
应理解,本申请中,分片可以为某个值的一部分,或者某段话的一部分,或者某bit数据包中的部分等。
例如,一个数值10,将该数值10分成2个分片,将该数值10划分成2个分片的具体方式,本申请不做具体限定,只要该2个分片加和为10即可。第一分片和第二分片可以为但不限于为:2和8,或者3和7,或者4和6,或者5和5。
再例如,一段话“这是我曾经热爱的事业”,将该段话分成2个分片的具体方式,本申请不做具体限定,只要该2个分片组合成该段话即可。第一分片和第二分片可以为但不限于为:“这是我”和“曾经热爱的事业”,或者“这是我曾经热爱的”和“事业”。
再例如,10bit数据包,将该10bit数据包分成2个分片的具体方式,本申请不做具体限定,只要该2个分片bit数之和等于10即可。第一分片和第二分片可以为但不限于为:2bit数据包和8bit数据包,或者3bit数据包和7bit数据包,或者4bit数据包和6bit数据包,或者5bit数据包和5bit数据包。
S203:主节点将每个加密随机数据中的P个第一分片,分别发送给P个计算节点,并将每个加密隐私数据中的P个第二分片,分别发送给P个计算节点,使得每个计算节点接收到N个第一分片和N个第二分片。
如图3A或3B所示,在计算阶段中,第二步骤:依次向第1、2、3、4个计算节点发送第1个数据提供方提供的加密隐私数据的一个分片(第二分片)和该加密隐私数据对应的加密随机数据的一个分片(第一分片)(每个计算节点获取的分片不一样)。第三步骤:依次向第1、2、3、4个计算节点发送第2个数据提供方提供的加密隐私数据的一个分片和该加密隐私数据对应的加密随机数据的一个分片(第一分片)(每个计算节点获取的分片不一样)。
示例性的,基于上述S202中的例子,主节点将每个加密随机数据的一个第一分片a1_1、a2_1、a3_1发送给第1个计算方,将每个加密随机数据的另一个第一分片a1_2、a2_2、a3_2发送给第2个计算方。主节点将每个加密隐私数据的一个第二分片b1_1、b2_1、b3_1发送给第1个计算方,将每个加密隐私数据的另一个第二分片b1_2、b2_2、b3_2发送给第2个计算方。
因此,第1个计算节点获取随机数据的第一分片为:a1_1、a2_1、a3_1,第1个计算节点获取到的加密隐私数据的第二分片为:b1_1、b2_1、b3_1。
第2个计算节点获取到的加密随机数据的第一分片为:a1_2、a2_2、a3_2,第2个计算节点获取到的加密隐私数据的第二分片为:b1_2、b2_2、b3_2。
S204:主节点分别向P个计算节点发送目标任务,P个计算节点接收到主节点发送的目标任务,目标任务用于指示对应的计算节点使用预设的计算方式对接收的第一分片和第二分片进行计算,得到目标结果分片。
可选的,主节点向P个计算节点发送目标任务,该目标任务相同,预设的计算方式可以包括但不限于具体的目标公式或目标函数。
S205:P个计算节点中任意一个计算节点使用预设的计算方式,对已接收的N个第一分片和N个第二分片进行计算,得到目标结果分片。
在一种实施方式中,在执行步骤S205之前,还包括:主节点使用多方乘法协议算法,对N个加密随机数据进行计算得到第一辅助数据,主节点将第一辅助数据中包括的每项数据均划分成P个分片,然后,将第一辅助数据中每项数据的一个分片发送给P个计算节点中的任意一个计算节点。任意一个计算节点接收辅助数据中每项数据的一个分片(辅助数据)。其中,任意一个计算节点的辅助数据中包括:N个加密随机数据中任意一个加密随机数据的一个分片和至少两个加密随机数据之间乘积的一个分片以及任意一个加密随机数据次幂的一个分片。
具体的,如图3A所示,在预计算阶段(第一步骤),可以通过可信的主节点或可信的三方使用多方乘法协议算法,对N个加密随机数据进行计算,得到次数小于或等于k次的所有单项式,作为第一辅助数据,将第一辅助数据划分成4份(以计算节点数量P为4为例)分别发送给4个计算节点。或者如图3B所示,在预计算阶段,4个计算节点之间使用多方乘法协议算法,对N个加密随机数据进行计算,得到次数小于或等于k次的所有单项式,作为第一辅助数据,每个计算节点从第一辅助数据中,选取自己拥有的加密随机数据分片对应的辅助数据。其中,k为正整数。
需要注意的是,主节点在预先计算阶段,已提前根据加密随机数据得到辅助数据,或者各计算节点在预先计算阶段,已提前根据加密随机数据得到辅助数据。预先计算阶段在步骤S201之前。
可选的,主节点使用多方乘法协议算法,对N个加密随机数据进行计算,得到次数小于或等于k次的所有单项式,作为第一辅助数据。
例如,加密随机数据为:a
1、a
2、a
3,主节点使用多方乘法协议算法,对3个加密随机数据进行计算得到第一辅助数据包括:a
1、a
2、a
3、a
1a
1、a
2a
2、a
3a
3、a
1a
2、a
1a
3、a
2a
3、a
1a
1a
1、a
2a
2a
2、a
3a
3a
3、a
1a
1a
2、a
1a
1a
3、a
1a
2a
2、a
2a
2a
3、a
1a
3a
3、a
2a
3a
3、a
1a
2a
3。
P个计算节点中任意一个计算节点接收辅助数据为上述第一辅助数据中每项数据的一个分片。例如,第1个计算节点获取的辅助数据为:[a
1]_1、[a
2]_1、[a
3]_1、[a
1a
1]_1、[a
2a
2]_1、[a
3a
3]_1、[a
1a
2]_1、[a
1a
3]_1、[a
2a
3]_1、[a
1a
1a
1]_1、[a
2a
2a
2]_1、[a
3a
3a
3]_1、[a
1a
1a
2]_1、[a
1a
1a
3]_1、[a
1a
2a
2]_1、[a
2a
2a
3]_1、[a
1a
3a
3]_1、[a
2a
3a
3]_1、[a
1a
2a
3]_1。
在一种实施方式中,在执行步骤S205之前,还包括:P个计算节点中任意一个计算节点获取N个第一差值,可以通过以下方式获取:
第一种方式:P个计算节点中任意一个计算节点根据已接收到N个第一分片和N个第二分片,确定N个第一分片中每个第一分片和对应的第二分片的差值,得到N个第一差值。
例如,第1个计算节点获取随机数据的第一分片为:[a
1]_1、[a
2]_1、[a
3]_1,第1个计算节点获取到的加密隐私数据的第二分片为:[b
1]_1、[b
2]_1、[b
3]_1。
第1个计算节点获取3个第一差值分别为:[z
1]_1、[z
2]_1、[z
3]_1。
[z
1]_1=[b
1]_1-[a
1]_1
[z
2]_1=[b
2]_1-[a
2]_1
[z
3]_1=[b
3]_1-[a
3]_1
其中,[z
1]_1为第1计算节点接收加密隐私数据b
1的第一分片与第1个计算节点接收加密随机数据a
1的第二分片的差值,[z
2]_1为第1计算节点接收加密隐私数据b
2的第一分片与 第1个计算节点接收加密随机数据a
2的第二分片的差值,[z
3]_1为第1计算节点接收加密隐私数据b
3的第一分片与第1个计算节点接收加密随机数据a
3的第二分片的差值。
第二种方式:P个计算节点中任意一个计算节点接收由主节点确定的N个第一分片中每个所述第一分片和对应的第二分片之间的第一差值。
例如,由主节点计算出[z
1]_1、[z
2]_1、[z
3]_1,并将计算得到的[z
1]_1、[z
2]_1、[z
3]_1。发送给相应的第1个计算节点。
基于上述的实施方式,P个计算节点中任意一个计算节点在通过上述两种方式获取N个第一差值时,还需要获取其它P-1个计算节点中每个计算节点的N个第一差值。具体可以通过以下方式:
第一种方式:P个计算节点中任意一个计算节点可以与其它p-1个计算节点之间传输第一差值。P个计算节点中任意一个计算节点可以接收其它p-1个计算节点中每个计算节点分别发送的N个第一差值。同时,P个计算节点中任意一个计算节点也可以向其它p-1个计算节点中每个计算节点发送N个第一差值。在此之后,P个计算节点中任意一个计算节点拥有P*N个第一差值。
如图3A或3B所示,第四步骤:各个计算节点之间传输第一差值,使得每个计算节点可以获取每个计算节点计算得到的全部第一差值。
例如,主节点管理3个计算节点:第一计算节点Q1、第二计算节点Q2、第三计算节点Q3。
需要注意的是,下述的第一计算节点、第二计算节点、第三计算节点分别用Q1、Q2、Q3表示。
由Q1计算出的3个第一差值为:[z
1]_1、[z
2]_1、[z
3]_1;
由Q2计算节点计算出的3个第一差值为:[z
1]_2、[z
2]_2、[z
3]_2;
由Q3计算出的3个第一差值为:[z
1]_3、[z
2]_3、[z
3]_3。
Q1可以接收Q2发送的3个第一差值,以及Q3发送的3个第一差值。同时Q1向Q2和Q3发送Q1的3个第一差值。
第二种方式:由主节点分别计算P个计算节点中每个计算节点的N个第一差值,然后将P*N个第一差值发送给P个计算节点。在此之后,P个计算节点中任意一个计算节点拥有P*N个第一差值。
例如,主节点分别计算出Q1的3个第一差值:[z
1]_1、[z
2]_1、[z
3]_1;
主节点分别计算出Q2的3个第一差值:[z
1]_2、[z
2]_2、[z
3]_2;
主节点分别计算出Q3的3个第一差值:[z
1]_3、[z
2]_3、[z
3]_3。
主节点将Q1的3个第一差值和Q2的3个第一差值以及Q3的3个第一差值,均发送给Q1、Q2、Q3。那么Q1、Q2、Q3均获取到Q1的3个第一差值和Q2的3个第一差值以及Q3的3个第一差值。
在一种实施方式中,在执行步骤S205时,P个计算节点中任意一个计算节点使用预设的计算方式,对已接收的N个第一分片和N个第二分片进行计算,得到目标结果分片,并将目标结果分片发送给主节点,(如图3A或图3B中的第五步骤)。具体实现步骤如下:
第一步骤:P个计算节点中任意一个计算节点将接收到的P*N个第一差值中来自相同加密随机数据和加密隐私数据的第一差值进行叠加,得到N个第二差值,所述N个第二差值用于表示N个加密隐私数据与N个加密随机数据之间的差值。
示例性的,第一计算节点获取N个加密随机数据a
1,a
2......,a
N的一个分片分别为[a
1]
_1,[a
2]
_1,......,[a
N]
_1,第一计算节点获取N个加密隐私数据b
1,b
2......,b
N的一个分片分别为[b
1]
_1,[b
2]
_1,......,[b
N]
_1,那么第一计算节点获取的N第一差值分别为:[z
1]
_1,[z
2]
_1,......,[z
N]
_1,[z
1]
_1,[z
2]
_1,......,[z
N]
_1分别满足以下:
应理解,上述公式中的省略号表达依次类推的意思。
第i个计算节点的N个第一出差值分别为:[z
1]
_i,[z
2]
_i,......,[z
N]
_i,i为小于或等于P的正整数。[z
1]
_i,[z
2]
_i,......,[z
N]
_i分别满足以下:
第1个计算节点计算N个第二差值,具体包括以下:
第1个计算节点获取N*P个第一差值包括:第一个计算节点的N个第一差值,第2个计算节点的N个第一差值,…,第P个计算节点的N个第一差值。
第一个计算节点的N个第一差值分别为:[z
1]
_1=[b
1]
_1-[a
1]
_1,[z
2]
_1=[b
2]
_1
-[a
2]
_1,…[z
N]
_1=[b
N]
_1-[a
N]
_1;
第二个计算节点的N个第一差值分别为:[z
1]
_2=[b
1]
_2-[a
1]
_2、[z
2]
_2=[b
2]
_2-[a
2]
_2…[z
N]
_1=[b
N]
_1-[a
N]
_1;
.
.
.
第P个计算节点的N个第一差值分别为:[z
1]
_p=[
b1]
_p-[a
1]
_p、[z
2]
_p=[b
2]
_p-[a
2]
_p…[z
N]
_p=[b
N]
_p-[a
N]
_p;
P个计算节点中任意一个计算节点,可以通过以下方式进行叠加得到N个第二差值,N个第二差值分别为z
1,z
2,......,z
N,z
1,z
2,......,z
N分别满足以下公式:
进一步的,整理得到下面公式:
例如,第一计算节点获取第一计算节点的3个第一差值为[z
1]
_1、[z
2]
_1、[z
3]
_1,获取第2个计算节点的3个第一差值为[z
1]
_2、[z
2]
_2、[z
3]
_2,获取第3个计算节点的3个第一差值为[z
1]
_3、[z
2]
_3、[z
3]
_3。
第一计算节点将接收到的3*3个第一差值相应进行叠加计算出3个第二差值,分别为: z
1、z
2、z
3。
z
1=[z
1]
_1+[z
1]
_2+[z
1]
_3;
z
2=[z
2]
_1+[z
2]
_2+[z
2]
_3;
z
3=[z
3]
_1+[z
3]
_2+[z
3]
_3。
其中,第一差值[z
1]
_1,[z
1]
_2,[z
1]
_3分别为第二差值z
1的分片,第一差值[z
2]
_1,[z
2]
_2,[z
2]
_3分别为第二差值z
2的分片,第一差值[z
3]
_1,[z
3]
_2,[z
3]
_3分别为第二差值z
3的一个分片。
第二步骤:P个计算节点中任意一个计算节点使用预设的计算方式,对获取的辅助数据和N个第二差值,得到目标结果分片。
其中,所述目标结果分片符合以下函数:
[f(x
1j,x
2j,......x
Nj)]_j
[f(x
1j,x
2j,......x
Nj)]_j的值表示第j个计算节点得到的目标结果分片,x
ij表示第j个计算节点获取第i个加密隐私数据的一个第二分片,j为小于或等于P的正整数,i表示小于或等于N的正整数;f(.)中各项式的系数均已知;所述第j个计算节点得到的目标结果分片由所述计算方将所述N个第二差值和函数f(.)的系数相乘得到函数G(.)的每个系数,并将函数G(.)的每个系数与所述辅助数据中对应的分片相乘得到多项乘积后,再将所述多项乘积相加得到的;所述函数G(.)为关于加密随机数据的函数。
示例性的,预设的计算方式对应设定目标函数符合以下:
f(x
1,x
2,......x
N)
可以将N个加密隐私数据或N个加密隐私数据的一个分片作为目标函数中N个变量x的输入值。即可以用变量x表示加密隐私数据,其中,目标函数f(.)中的各项系数均为已知的。用变量y表示加密随机数据,变量z表示第二差值,由于z=x-y,那么令x=y+z,即:
f(x
1,x
2,......x
N)=f(y
1+z
1,y
2+z
2,......y
N+z
N)
其中,P个计算节点中任意一个计算节点均可以通过上述步骤,确定出N个第二差值z
1,z
2,...,z
N。
因此,目标函数中只有y
1,y
2,...,y
N为未知变量,进一步转换得到下面函数:
f(y
1+z
1,y
2+z
2,......y
N+z
N)=G(y
1,y
2,...,y
N)
其中,函数G(·)为关于变量y的函数,即函数G(·)为关于加密随机数据的函数。
由于f(·)的各项式的系数均为已知的,且针对函数f(y
1+z
1,y
2+z
2,......y
N+z
N)中的z
1,z
2,...,z
N,P个计算节点中任意一个计算节点也可以计算出,因此,G(y
1,y2,...,y
N)展开后的各项式的系数也可以计算得到。
函数G(y
1,y2,...,y
N)的各项式中,包括:一个加密随机数据与该函数的系数的乘积,或至少一个加密随机数据与该函数的系数之间的乘积,以及至少一个加密随机数据的次幂与该函数系数的乘积。
P个计算节点中任意一个计算节点计算得到的函数G(y
1,y2,...,y
N)的各项式乘积,可以在该计算节点获取的辅助数据找到,该计算节点可以将辅助数据中找到的各项式乘积值与函数G(y
1,y2,...,y
N)中相应的系数相乘,得到函数G(y
1,y2,...,y
N)的各项式的结果值,最后将函数G(y
1,y2,...,y
N)的各项式的结果值相加,得到函数G(y
1,y2,...,y
N)的结果值,即函数G(y
1,y2,...,y
N)的结果值为该计算节点的目标结果分片。最后,将该计算节点的目标结果分片作为设定目标函数下一次计算中的一个加密隐私数据的一个分片。
例如,设定目标函数为f(x
1,x
2,x
3)=λ
1x
1+λ
2x
2
2+λ
3x
3
3,其中,λ
1,λ
2,λ
3的值均为已知的,以 第一个计算节点为例,其执行的计算过程如下:
将目标函数f(x
1,x
2,x
3)=λ
1x
1+λ
2x
2
2+λ
3x
3
3转换得到下面公式:
f(y
1+z
1,y
2+z
1,y
3+z
1)=λ
1(y
1+z
1)+λ
2(y
2+z
2)
2+λ
3(y
3+z
3)
3
=λ
1y
1+λ
1z
1+λ
2(y
2
2+2y
2z
2+z
22
)+λ
3(y
3
2+2y
3z
3+z
3
2)
=λ
1y
1+λ
1z
1+λ
2y
2
2+2λ
2z
2y
2+λ
2z
2
2+λ
3y
3
2+2λ
3z
3y
3+λ
3z
3
2
其中,令θ
1=λ
1z
1,θ
2=2λ
2z
2,θ
3=λ
2z
2
2,θ
4=2λ3z
3,θ
5=λ
3z
3
2,且θ
1、θ
2、θ
3、θ
4、θ
5均可计算出。
那么f(y
1+z
1,y
2+z
1,y
3+z
1)转换成以下函数公式:
G(y
1,y
2,y
3)=λ
1y
1+θ
1+λ
2y
2
2+θ
2y
2+θ
3+λ
3y
3
2+θ
4y
3+θ
5
其中,第一计算节点获取到加密随机数据的第一分片,分别为:[a
1]_1,[a
2]_1,[a
3]_1
第一计算节点获取的辅助数据中包括:a
1、a
2
2、a
2、a
3
2、a
3的分片,即[a
1]_1、[a
2
2]_1、[a
2]_1、[a
3
2]_1、[a
3]_1的值。将[a
1]_1、[a
2
2]_1、[a
2]_1、[a
3
2]_1、[a
3]_1的值分别替换函数G(y
1,y
2,y
3)公式中的y
1、y
2
2、y
2、y
3
2、y
3,最终计算得到函数G(·)的结果,即等于目标函数f(·)的结果。
应理解,由于变量y输入的a值均为分片形式,因此,函数f(·)的结果值为目标结果分片。
需要注意的是,P个计算节点中其它的P-1个计算节点的计算过程,具体可参考第一计算节点的计算过程,此处不再具体赘述。P个计算节点得到的目标结果分片可以表示为:f(·)_1,f(·)_2...,f(·)_P。
S206:P个计算节点中任意一个计算节点将执行目标任务后得到的目标结果分片发送给主节点,主节点接收P个计算节点执行目标任务后得到的目标结果分片。
S207:主节点根据所述P个计算节点执行所述目标任务后得到的所述目标结果分片,得到所述N个加密隐私数据的目标结果数据。
在一种实施方式中,主节点根据P个计算节点执行目标任务后得到的目标结果分片,确定N个加密隐私数据的目标结果数据,可以通过以下但不限于以下方式实现:
主节点将所述P个计算节点执行所述目标任务后得到的所述目标结果分片相加,得到所述N个加密隐私数据的目标结果数据。
在另一种实施方式中,主节点可以将得到的目标结果数据作为一个新的加密隐私数据,并且可以将P个计算节点执行目标任务后得到的目标结果分片,作为一个新的加密隐私数据的P个分片,该新的加密隐私数据用于目标任务的下一次计算中。
例如,基于上述步骤S205中,加密隐私数据为b1、b2、b3,加密随机数据为a1、a2、a3。P个计算节点得到的P个目标结果分片分别为:[f(x
1,x
2,x
3)]_1、[f(x
1,x
2,x
3)]_2……[f(x
1,x
2,x
3)]_P,每个计算节点均以a
1,a
2,a
3的分片替换函数中的x
1,x
2,x
3。具体如下:
在第一计算节点中:[a
1]_1作为x
1值、[a
2]_1作为x
2值、[a
3]_1作为x
3值,计算得到函数[f(x
1,x
2,x
3)]_1的值(即第一计算节点的目标结果分片)。
同理,其它P-1个计算节点可根据第一计算节点的计算方式,得到函数[f(x
1,x
2,x
3)]_2……[f(x
1,x
2,x
3)]_P。
最后,主节点节获取P个计算节点的目标结果分片,即[f(x
1,x
2,x
3)]_1、[f(x
1,x
2,x
3)]_2……[f(x
1,x
2,x
3)]_P。主节点将[f(x
1,x
2,x
3)]_1、[f(x
1,x
2,x
3)]_1、[f(x
1,x
2,x
3)]_2……[f(x
1,x
2,x
3)]_P作为一个新的加密隐私数据b
4的P个分片。
具体可以表示为:
上述b
4为一个完整数值,b
4可以作为目标任务的下一次计算的一个加密隐私数据。
例如,主节点确定目标任务下一次计算的加密隐私数据为b
4,b
5,b
6,确定对应的加密随机数据为a
4,a
5,a
6,主节点和P个计算节点执行目标任务的下一次计算时,具体计算过程与上述步骤S201-S206相同,此处不再具体赘述。
需要注意的是,P个计算节点输出的P个目标结果最为该目标任务的最终输出。
根据以上,显然可知,计算目标函数时,无论目标函数多复杂(乘法阶数高),计算阶段只需要一轮通信即可完成目标函数的计算。并且通信量只与目标函数的加密隐私数据的数量有关,无论目标函数多复杂,只要目标函数的加密输入数值是固定的,那么计算目标函数的阶段所涉及的通信量也是固定的(即计算阶段的通信量与目标函数的加密隐私数据的数量相关)。
综上所述,本申请方案,首先,主节点获取数据提供方提供的N个加密隐私数据,并为每个加密隐私数据确定对应的N个加密随机数据;然后,主节点将N个加密随机数据中的每个加密随机数据分别划分成P个第一分片,并将N个加密隐私数据中的每个加密隐私数据分别划分成P个第二分片,主节点再将每个加密随机数据中的P个第一分片和每个加密隐私数据中的P个第二分片,分别发送给P个计算节点,使得每个计算节点接收到N个第一分片和N个第二分片;进一步,主节点分别向P个计算节点发送目标任务,该目标任务用于指示对应的计算节点使用预设的计算方式对接收的第一分片和第二分片进行计算,得到目标结果分片;最后,主节点分别接收P个计算节点执行该目标任务后得到的目标结果分片。由于目标函数的乘法阶数越高时,则计算阶段通信轮数就越多,本申请的方法可以保证在不泄露数据提供方提供的数据前提下,使得完成目标任务所需要的通信轮数较少,从而可以高效完成目标任务。
基于以上实施例提供的一种数据处理的方案,还可以用于处理加密隐私数据的逻辑运算中。具体可以如下:
例如,当主节点确定数据提供方提供的加密隐私数据都为0或1时,将每个加密输入的一个分片提供给P个计算节点中每个计算节点。若P个计算节点中任意一个计算节点从主节点接收到目标任务,该目标任务用于指示所述P个计算节点中任意一个计算节点计算加密隐私数据之间的逻辑运算(包括与、或、非、异或等)。
所述任意一个计算节点可以利用二元域(素数域F2)的运算规律、加密隐私数据,以及加密隐私数据的分片,执行上述步骤S201-S206,以完成加密隐私数据之间的逻辑运算。具体理由:
第一:上述步骤S201-S206中所处理的加密隐私数据和辅助数据可以是来自某个环(例如,整数环、矩阵环、多项式剩余类环等)。由于素数域是特殊的整数环,因此,在素数域上,可以执行上述步骤S201-S207。
第二:由于逻辑运算“异或”和“与”通过组合可以表示处所有逻辑运算。
第三:逻辑运算中的“异或”和“与”运算恰好是素数域F2上的“加法”和“乘法”。
本申请方案,在针对完成一个逻辑运算的目标任务时,可以被转化为素数域F2上的算数运算任务。因此,当计算节点要计算一个逻辑运算的目标任务时,可以先将逻辑运算的计算任务转化为素数域F2上关于秘密输入值的多项式计算,之后只需按照上述本申请实施例的方法(可参考上述步骤S201-S206),即可完成逻辑运算任务的计算。
因此,相比现有的逻辑运算任务的安全多方计算而言,本申请方案中,计算节点可以计算关于加密隐私数据(所有加密隐私数据都是0或1)的任意逻辑运算任务,而且可有效减少了计算过程中涉及通信量和通信轮数,从而有效提高数据处理效率,节省系统的计算所造成的开销。
基于同一技术构思,本申请实施例提供一种数据处理的装置,具有上述方法实施例中主节点的行为功能。该数据处理的装置可以包括执行上述方法实施例中所描述的方法/操作/步骤/动作所一一对应的模块或单元,该模块或单元可以是硬件电路,也可是软件,也可以是硬件电路结合软件实现。该装置可以具有如图4所示的结构。
如图4所示,该数据处理装置400可包括通信单元401、处理单元402、存储单元403,下面对各单元进行具体的介绍。
通信单元401,用于获取数据提供方提供的N个加密隐私数据,并为N个加密隐私数据确定对应的N个加密随机数据;所述N为正整数;
处理单元402,用于将所述N个加密随机数据中的每个加密随机数据分别划分成P个第一分片,并将所述N个加密隐私数据中的每个加密隐私数据分别划分成P个第二分片;所述P为所述主节点管理的计算节点的数量;
所述通信单元401,还可以用于将所述每个加密随机数据中的P个第一分片,分别发送给P个计算节点,并将所述每个加密隐私数据中的P个第二分片,然后,分别发送给所述P个计算节点,使得每个计算节点接收到N个所述第一分片和N个所述第二分片;并分别向所述P个计算节点发送目标任务,所述目标任务用于指示对应的计算节点使用预设的计算方式对接收的所述第一分片和所述第二分片进行计算,得到目标结果分片;最后,获取所述P个计算节点执行所述目标任务后得到的所述目标结果分片;
所述处理单元,还可以用于根据所述P个计算节点执行所述目标任务后得到的所述目标结果分片,得到所述N个加密隐私数据的目标结果数据。
在一种可能的设计中,所述通信单元401,还用于向所述P个计算节点中的任意一个计算节点发送所述任意一个计算节点的辅助数据和/或差值;其中,所述任意一个计算节点的辅助数据中包括:所述N个加密随机数据中任意一个加密随机数据的一个分片和至少两个加密随机数据之间乘积的一个分片以及任意一个加密随机数据次幂的一个分片;所述任意一个计算节点的N个差值为所述主节点发送给所述任意一个计算节点的所述N个第一分片中每个所述第一分片和对应的所述第二分片的差值。
在一种可能的设计中,所述目标结果分片符合以下函数:
[f(x
1j,x
2j,......x
Nj)]_j
[f(x
1j,x
2j,......x
Nj)]_j的值表示第j个计算节点得到的目标结果分片,x
ij表示第j个计算节点获取第i个加密隐私数据的一个第二分片,j为小于或等于P的正整数,i表示小于或等于N的正整数;f(.)中各项式的系数均已知;所述第j个计算节点得到的目标结果分片由所述计算方将所述N个第二差值和函数f(.)的系数相乘得到函数G(.)的每个系数,并将函数G(.)的每个系数与所述辅助数据中对应的分片相乘得到多项乘积后,再将所述多项 乘积相加得到的;所述函数G(.)为关于加密随机数据的函数。
在一种可能的设计中,所述处理单元402,在根据所述P个计算节点执行所述目标任务后得到的所述目标结果分片,确定所述N个加密隐私数据的目标结果数据时,具体可以用于:将所述P个计算节点执行所述目标任务后得到的所述目标结果分片相加,得到所述N个加密隐私数据的目标结果数据。
存储单元403,可以用于存储数据或指令。
基于同一技术构思,本申请实施例提供一种数据处理的装置,具有上述方法实施例中计算节点的行为功能。该数据处理的装置可以包括执行上述方法实施例中所描述的方法/操作/步骤/动作所一一对应的模块或单元,该模块或单元可以是硬件电路,也可是软件,也可以是硬件电路结合软件实现。该装置也可以具有如图4所示的结构。
如图4所示,该数据处理装置400可包括通信单元401、处理单元402、存储单元403,下面对各单元进行具体的介绍。
通信单元401,用于接收主节点发送的N个第一分片,所述N个第一分片为所述主节点对生成的N个加密随机数据中的每个加密随机数据划分成P个第一分片,并将所述每个加密随机数据中的P个第一分片分别发送给P个计算节点得到的;所述P为所述主节点管理的计算节点的数量;所述N为正整数;
接收所述主节点发送的N个第二分片,所述N个第二分片为所述主节点对数据提供方提供的N个加密隐私数据中的每个加密隐私数据划分成P个第二分片,并将所述每个加密隐私数据中的P个第二分片分别发送给所述P个计算节点得到的;
接收所述主节点发送的目标任务,所述目标任务用于指示所述计算节点使用预设的计算方式对接收的所述N个第一分片和所述N个第二分片进行计算;
处理单元402,用于使用所述预设的计算方式,对所述N个第一分片和所述N个第二分片进行计算,得到目标结果分片,并将所述目标结果分片发送给所述主节点。
在一种可能的设计中,所述通信单元401,还用于获取多个辅助数据,所述多个辅助数据根据所述N个第一分片得到的;
所述处理单元402在使用所述预设的计算方式,对所述N个第一分片和所述N个第二分片进行计算,得到计算结果时,具体可以用于使用所述预设的计算方式,对所述N个第一分片和所述N个第二分片,以及所述辅助数据进行计算,得到目标结果分片。
在一种可能的设计中,所述通信单元401在获取多个辅助数据时,具体用于:先接收由所述主节点使用多方乘法协议算法,然后对所述N个加密随机数据进行计算得到的辅助数据;所述辅助数据中包括:所述N个加密随机数据中任意一个加密随机数据的一个分片和至少两个加密随机数据之间乘积的一个分片以及任意一个加密随机数据次幂的一个分片。
在一种可能的设计中,所述处理单元402,在使用所述预设的计算方式,对所述N个第一分片和所述N个第二分片,以及所述辅助数据进行计算,得到目标结果分片时,具体可以用于:首先,确定所述N个第一分片中每个所述第一分片和对应的所述第二分片之间的差值,得到N个第一差值;或者通过所述通信单元401接收由所述主节点确定的所述N个第一分片中每个所述第一分片和对应的所述第二分片之间的第一差值;
然后,通过所述通信单元401获取其它P-1个计算节点分别发送的N个第一差值,所述P-1个计算节点中任意一个计算节点的N个第一差值为所述任意一个计算节点接收的所 述N个第一分片中每个所述第一分片和对应的所述第二分片的差值;或者所述P-1个计算节点中任意一个计算节点的N个第一差值为所述主节点确定的所述任意一个计算节点接收到的所述N个第一分片中每个所述第一分片和对应的所述第二分片的差值;
进一步的,将P*N个第一差值中来自相同加密随机数据和加密隐私数据的第一差值进行叠加,得到N个第二差值,所述N个第二差值用于表示所述N个加密隐私数据与所述N个加密随机数据之间的差值;
最后,使用所述预设的计算方式,对获取的所述辅助数据和所述N个第二差值,得到所述目标结果分片。
在一种可能的设计中,所述目标结果分片符合以下函数:
[f(x
1j,x
2j,......x
Nj)]_j
[f(x
1j,x
2j,......x
Nj)]_j的值表示第j个计算节点得到的目标结果分片,x
ij表示第j个计算节点获取第i个加密隐私数据的一个第二分片,j为小于或等于P的正整数,i表示小于或等于N的正整数;f(.)中各项式的系数均已知;所述第j个计算节点得到的目标结果分片由所述计算方将所述N个第二差值和函数f(.)的系数相乘得到函数G(.)的每个系数,并将函数G(.)的每个系数与所述辅助数据中对应的分片相乘得到多项乘积后,再将所述多项乘积相加得到的;所述函数G(.)为关于加密随机数据的函数。
存储单元403,可以用于存储数据或指令。
此外,本申请实施例还提供一种本申请所使用的数据处理设备,该数据处理设备可以具有如图5所示的结构,所述数据处理设备可以作为主节点,也可以是能够支持主节点实现上述方法的芯片或芯片系统。如图5所示的数据处理设备500可以包括至少一个处理器502,所述至少一个处理器502用于与存储器503耦合,读取并执行所述存储器中的指令以实现本申请实施例提供的方法中主节点涉及的步骤。可选的,该数据处理设备500还可以包括通信模块501,所述通信模块501可以用于支持所述数据处理设备500进行信令或者数据的接收或发送。数据处理设备500中的通信模块501,可用于实现上述主节点的通信单元401所具有的功能,例如,通信模块501可用于数据处理设备500执行如图2所示的数据处理方法中的S203、S204和S206,所示步骤,处理器502可用于实现上述处理单元402所具有的功能,例如,处理器502可用于数据处理设备500执行如图2所示的数据处理方法中的S201和S202、S207,所示步骤。此外,通信模块501可与天线耦合,用于支持该数据处理设备500进行通信。可选的,数据处理设备500还可以包括存储器503,其中存储有计算机程序、指令,存储器503可以与处理器502和/或通信模块501耦合,用于支持处理器502调用存储器503中的计算机程序、指令以实现本申请实施例提供的方法中主节点涉及的步骤;另外,存储器503还可以用于存储本申请方法实施例所涉及的数据,例如,用于存储支持通信模块501实现交互所必须的数据、信息。
此外,本申请实施例还提供一种本申请所使用的数据处理设备,该数据处理设备也可以具有如图5所示的结构,所述数据处理设备可以作为主节点所管理的多个计算节点中任意一个节点,也可以是能够支持所述任意一个计算节点实现上述方法的芯片或芯片系统。如图5所示的数据处理设备500可以包括至少一个处理器502,所述至少一个处理器502用于与存储器503耦合,读取并执行所述存储器中的指令以实现本申请实施例提供的方法中计算节点涉及的步骤。可选的,该数据处理设备500还可以包括通信模块501,所述通信模块501可以用于支持所述数据处理设备500进行信令或者数据的接收或发送。数据处理设备500中的通信模块501,可用于实现上述计算节点的通信单元401所具有的功能, 例如,通信模块501可用于数据处理设备500执行如图2所示的数据处理方法中的S203、S204和S206,所示步骤,处理器502可用于实现上述计算节点的处理单元402所具有的功能,例如,处理器502可用于数据处理设备500执行如图2所示的数据处理方法中的S205,所示步骤。此外,通信模块501可与天线耦合,用于支持该数据处理设备500进行通信。可选的,数据处理设备500还可以包括存储器503,其中存储有计算机程序、指令,存储器503可以与处理器502和/或通信模块501耦合,用于支持处理器502调用存储器503中的计算机程序、指令以实现本申请实施例提供的方法中主节点涉及的步骤;另外,存储器503还可以用于存储本申请方法实施例所涉及的数据,例如,用于存储支持通信模块501实现交互所必须的数据、信息。
本申请实施例中的耦合是装置、单元或模块之间的间接耦合或通信连接,可以是电性,机械或其它的形式,用于单元或模块之间的信息交互。本申请实施例中不限定上述通信模块、处理器和存储器之间的连接介质。例如,本申请实施例在图5中的通信模块501、处理器502、存储器503之间可以通过总线504连接,所述总线可以分为地址总线、数据总线、控制总线等。
本申请实施例中对模块的划分是示意性的,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,另外,在本申请各个实施例中的各功能模块可以集成在一个处理器中,也可以是单独物理存在,也可以两个或两个以上模块集成在一个模块中。上述集成的模块既可以采用硬件的形式实现,也可以采用软件功能模块的形式实现。
本申请实施例提供了一种计算机可读存储介质,存储有计算机程序,该计算机程序包括用于执行上述方法实施例的指令。
本申请实施例提供了一种包含指令的计算机程序产品,当其在计算机上运行时,使得计算机执行上述方法实施例。
通过以上的实施方式的描述,所属领域的技术人员可以清楚地了解到本申请实施例可以用硬件实现,或固件实现,或它们的组合方式来实现。当使用软件实现时,可以将上述功能存储在计算机可读介质中或作为计算机可读介质上的一个或多个指令或代码进行传输。计算机可读介质包括计算机存储介质和通信介质,其中通信介质包括便于从一个地方向另一个地方传送计算机程序的任何介质。存储介质可以是计算机能够存取的任何可用介质。以此为例但不限于:计算机可读介质可以包括RAN、RON、电可擦可编程只读存储器(electrically erasable prograNNable read only NeNory,EEPRON)、只读光盘(coNpact disc read-Only NeNory,CD-RON)或其他光盘存储、磁盘存储介质或者其他磁存储设备、或者能够用于携带或存储具有指令或数据结构形式的期望的程序代码并能够由计算机存取的任何其他介质。此外。任何连接可以适当的成为计算机可读介质。例如,如果软件是使用同轴电缆、光纤光缆、双绞线、数字用户线(digital subscriber line,DSL)或者诸如红外线、无线电和微波之类的无线技术从网站、服务器或者其他远程源传输的,那么同轴电缆、光纤光缆、双绞线、DSL或者诸如红外线、无线和微波之类的无线技术包括在所属介质的定影中。如本申请实施例所使用的,盘(disk)和碟(disc)包括压缩光碟(coNpact disc,CD)、激光碟、光碟、数字通用光碟(digital video disc,DVD)、软盘和蓝光光碟,其中盘通常磁性的复制数据,而碟则用激光来光学的复制数据。上面的组合也应当包括在计算机可读介质的保护范围之内。
总之,以上所述仅为本申请的实施例而已,并非用于限定本申请的保护范围。凡根据 本申请的揭露,所作的任何修改、等同替换、改进等,均应包含在本申请的保护范围之内。
Claims (14)
- 一种数据处理的方法,其特征在于,包括:主节点获取数据提供方提供的N个加密隐私数据,并为N个加密隐私数据确定对应的N个加密随机数据;其中,所述N个加密隐私数据为非明文公开数据,所述N为正整数;所述主节点将所述N个加密随机数据中的每个加密随机数据分别划分成P个第一分片,并将所述N个加密隐私数据中的每个加密隐私数据分别划分成P个第二分片;所述P为所述主节点管理的计算节点的数量;所述主节点将所述每个加密随机数据中的P个第一分片,分别发送给P个计算节点,并将所述每个加密隐私数据中的P个第二分片,分别发送给所述P个计算节点,使得每个计算节点接收到N个所述第一分片和N个所述第二分片;所述主节点分别向所述P个计算节点发送目标任务,所述目标任务用于指示对应的计算节点使用预设的计算方式对接收的所述第一分片和所述第二分片进行计算,得到目标结果分片;所述主节点获取所述P个计算节点执行所述目标任务后得到的所述目标结果分片;所述主节点根据所述P个计算节点执行所述目标任务后得到的所述目标结果分片,得到目标结果数据。
- 如权利要求1所述的方法,其特征在于,所述方法还包括:所述主节点向所述P个计算节点中的任意一个计算节点发送所述任意一个计算节点的辅助数据和/或差值;其中,所述任意一个计算节点的辅助数据中包括:所述N个加密随机数据中任意一个加密随机数据的一个分片和至少两个加密随机数据之间乘积的一个分片以及任意一个加密随机数据次幂的一个分片;所述任意一个计算节点的N个差值为所述主节点发送给所述任意一个计算节点的所述N个第一分片中每个所述第一分片和对应的所述第二分片的差值。
- 如权利要求1所述的方法,其特征在于,所述主节点根据所述P个计算节点执行所述目标任务后得到的所述目标结果分片,得到目标结果数据,包括:所述主节点将所述P个计算节点执行所述目标任务后得到的所述目标结果分片相加,得到所述目标结果数据。
- 一种数据处理的方法,其特征在于,包括:计算节点接收主节点发送的N个第一分片,所述N个第一分片为所述主节点对生成的N个加密随机数据中的每个加密随机数据划分成P个第一分片,并将所述每个加密随机数据中的P个第一分片分别发送给P个计算节点得到的;所述P为所述主节点管理的计算节点的数量;所述N为正整数;所述计算节点接收所述主节点发送的N个第二分片,所述N个第二分片为所述主节点对数据提供方提供的N个加密隐私数据中的每个加密隐私数据划分成P个第二分片,并将所述每个加密隐私数据中的P个第二分片分别发送给所述P个计算节点得到的;所述计算节点接收所述主节点发送的目标任务,所述目标任务用于指示所述计算节点使用预设的计算方式对接收的所述N个第一分片和所述N个第二分片进行计算;所述计算节点使用所述预设的计算方式,对所述N个第一分片和所述N个第二分片进行计算,得到目标结果分片,并将所述目标结果分片发送给所述主节点。
- 如权利要求5所述的方法,其特征在于,所述方法还包括:所述计算节点获取多个辅助数据,所述多个辅助数据根据所述N个第一分片得到的;所述计算节点使用所述预设的计算方式,对所述N个第一分片和所述N个第二分片进行计算,得到计算结果,包括:所述计算节点使用所述预设的计算方式,对所述N个第一分片和所述N个第二分片,以及所述辅助数据进行计算,得到目标结果分片。
- 如权利要求6所述的方法,其特征在于,所述计算节点获取多个辅助数据,包括:所述计算节点接收由所述主节点使用多方乘法协议算法,对所述N个加密随机数据进行计算得到的辅助数据;所述辅助数据中包括:所述N个加密随机数据中任意一个加密随机数据的一个分片和至少两个加密随机数据之间乘积的一个分片以及任意一个加密随机数据次幂的一个分片。
- 如权利要求6或7所述的方法,其特征在于,所述计算节点使用所述预设的计算方式,对所述N个第一分片和所述N个第二分片,以及所述辅助数据进行计算,得到目标结果分片,包括:所述计算节点确定所述N个第一分片中每个所述第一分片和对应的所述第二分片之间的差值,得到N个第一差值;或者所述计算节点接收由所述主节点确定的所述N个第一分片中每个所述第一分片和对应的所述第二分片之间的第一差值;所述计算节点获取其它P-1个计算节点分别发送的N个第一差值,所述P-1个计算节点中任意一个计算节点的N个第一差值为所述任意一个计算节点接收的所述N个第一分片中每个所述第一分片和对应的所述第二分片的差值;或者所述P-1个计算节点中任意一个计算节点的N个第一差值为所述主节点确定的所述任意一个计算节点接收到的所述N个第一分片中每个所述第一分片和对应的所述第二分片的差值;所述计算节点将P*N个第一差值中来自相同加密随机数据和加密隐私数据的第一差值进行叠加,得到N个第二差值;所述N个第二差值用于表示所述N个加密隐私数据与所述N个加密随机数据之间的差值;所述计算节点使用所述预设的计算方式,对获取的所述辅助数据和所述N个第二差值,得到所述目标结果分片。
- 一种数据处理的装置,其特征在于,应用于主节点,包括:处理器,存储器,以及计算机程序,所述计算机程序存储在所述存储器中,当所述计算机程序被所述处理器执行时,使得所述主节点执行如权利要求1-4中任意一项所述的方法。
- 一种数据处理的装置,其特征在于,应用于由主节点管理的多个计算节点中任意一个,包括:处理器,存储器,以及计算机程序,所述计算机程序存储在所述存储器中,当所述计算机程序被所述处理器执行时,使得所述任意一个计算节点执行如权利要求5-9中任意一项所述的方法。
- 一种通信系统,其特征在于,包括如权利要求10所述的数据处理的装置,和P个如权利要求11所述的数据处理的装置。
- 一种计算机程序产品,其特征在于,包括计算机程序,当所述计算机程序在计算机上运行时,使得所述计算机执行如权利要求1-9中任意一项所述的方法。
- 一种非易失性计算机可读存储介质,其特征在于,存储计算机程序,所述计算机程序通过处理器进行加载来执行如权利要求1-9中任意一项所述的方法。
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110396616.5A CN115277031B (zh) | 2021-04-13 | 2021-04-13 | 一种数据处理的方法和装置 |
CN202110396616.5 | 2021-04-13 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2022218033A1 true WO2022218033A1 (zh) | 2022-10-20 |
Family
ID=83639474
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2022/077282 WO2022218033A1 (zh) | 2021-04-13 | 2022-02-22 | 一种数据处理的方法和装置 |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN115277031B (zh) |
WO (1) | WO2022218033A1 (zh) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117254911A (zh) * | 2023-11-17 | 2023-12-19 | 北京安华金和科技有限公司 | 一种基于秘密分享的多方安全计算处理方法和系统 |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104063376A (zh) * | 2013-03-18 | 2014-09-24 | 阿里巴巴集团控股有限公司 | 多维度分组运算方法及系统 |
US20180052901A1 (en) * | 2016-08-16 | 2018-02-22 | Quintessencelabs Pty Ltd. | Fault-tolerant key management system |
CN109255247A (zh) * | 2018-08-14 | 2019-01-22 | 阿里巴巴集团控股有限公司 | 多方安全计算方法及装置、电子设备 |
WO2020173287A1 (en) * | 2019-02-27 | 2020-09-03 | Beijing Didi Infinity Technology And Development Co., Ltd. | Systems and methods for determining network shards in blockchain network |
WO2021042923A1 (zh) * | 2019-09-06 | 2021-03-11 | 平安国际智慧城市科技股份有限公司 | 数据分片存储方法、装置、终端及计算机可读存储介质 |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CA2718136A1 (en) * | 2007-04-23 | 2008-10-30 | Scrutiny, Inc. | Computing infrastructure |
EP3369207B1 (en) * | 2015-10-29 | 2023-04-12 | Hrl Laboratories, Llc | An information secure protocol for mobile proactive secret sharing with near-optimal resilience |
EP3759865B1 (en) * | 2018-02-27 | 2024-04-03 | Visa International Service Association | High-throughput data integrity via trusted computing |
CN110475267B (zh) * | 2018-05-11 | 2021-09-17 | 华为技术有限公司 | 一种配置方法、数据传输方法和装置 |
CN108683669B (zh) * | 2018-05-19 | 2021-09-17 | 深圳市图灵奇点智能科技有限公司 | 数据验证方法和安全多方计算系统 |
CN109446828B (zh) * | 2018-11-07 | 2020-10-13 | 北京邮电大学 | 一种安全多方计算方法及装置 |
CN109947551B (zh) * | 2019-03-19 | 2021-04-23 | 中南大学 | 一种多轮次任务分配方法、边缘计算系统及其存储介质 |
-
2021
- 2021-04-13 CN CN202110396616.5A patent/CN115277031B/zh active Active
-
2022
- 2022-02-22 WO PCT/CN2022/077282 patent/WO2022218033A1/zh active Application Filing
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104063376A (zh) * | 2013-03-18 | 2014-09-24 | 阿里巴巴集团控股有限公司 | 多维度分组运算方法及系统 |
US20180052901A1 (en) * | 2016-08-16 | 2018-02-22 | Quintessencelabs Pty Ltd. | Fault-tolerant key management system |
CN109255247A (zh) * | 2018-08-14 | 2019-01-22 | 阿里巴巴集团控股有限公司 | 多方安全计算方法及装置、电子设备 |
WO2020173287A1 (en) * | 2019-02-27 | 2020-09-03 | Beijing Didi Infinity Technology And Development Co., Ltd. | Systems and methods for determining network shards in blockchain network |
WO2021042923A1 (zh) * | 2019-09-06 | 2021-03-11 | 平安国际智慧城市科技股份有限公司 | 数据分片存储方法、装置、终端及计算机可读存储介质 |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117254911A (zh) * | 2023-11-17 | 2023-12-19 | 北京安华金和科技有限公司 | 一种基于秘密分享的多方安全计算处理方法和系统 |
CN117254911B (zh) * | 2023-11-17 | 2024-02-13 | 北京安华金和科技有限公司 | 一种基于秘密分享的多方安全计算处理方法和系统 |
Also Published As
Publication number | Publication date |
---|---|
CN115277031B (zh) | 2024-05-10 |
CN115277031A (zh) | 2022-11-01 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2020253234A1 (zh) | 实现隐私保护的数据同态加解密方法及装置 | |
US10608811B2 (en) | Private set intersection encryption techniques | |
CN112906044B (zh) | 多方安全计算方法、装置、设备及存储介质 | |
US9158925B2 (en) | Server-aided private set intersection (PSI) with data transfer | |
WO2022247576A1 (zh) | 一种数据处理方法、装置、设备及计算机可读存储介质 | |
US20160182222A1 (en) | Computer-Implemented System And Method For Multi-Party Data Function Computing Using Discriminative Dimensionality-Reducing Mappings | |
US11205137B2 (en) | Distributed training in a parameter dataset | |
US10609010B2 (en) | System, methods and software application for sending secured messages on decentralized networks | |
KR20180111904A (ko) | 특정 식별 정보 노출없이 식별자간 링크를 설정하기 위한 시스템 및 방법 | |
US11310045B2 (en) | Compression and oblivious expansion of RLWE ciphertexts | |
CN113806795B (zh) | 一种两方隐私集合并集计算方法和装置 | |
CN111949998B (zh) | 对象检测及请求方法、数据处理系统、装置及存储介质 | |
CN114884675A (zh) | 基于比特传输的多方隐私求交方法、装置、设备及介质 | |
WO2022218033A1 (zh) | 一种数据处理的方法和装置 | |
CN106888213B (zh) | 云密文访问控制方法及系统 | |
CN115580390A (zh) | 一种安全多方计算下的多场景模式计算方法及系统 | |
JP2020519968A (ja) | ビット分解秘密計算装置、ビット結合秘密計算装置、方法およびプログラム | |
CN114492850A (zh) | 基于联邦学习的模型训练方法、设备、介质及程序产品 | |
CN117349685A (zh) | 一种通信数据的聚类方法、系统、终端及介质 | |
Huang et al. | [Retracted] Cloud Storage Model Based on the BGV Fully Homomorphic Encryption in the Blockchain Environment | |
CN115225367A (zh) | 数据处理方法、装置、计算机设备、存储介质和产品 | |
Shah et al. | Secure featurization and applications to secure phishing detection | |
Kaur et al. | Secure image sharing on cloud using cryptographic algorithms: survey | |
CN108075889B (zh) | 一种降低加解密运算时间复杂度的数据传输方法及系统 | |
CN112925853B (zh) | 基于区块链的可信数据交换方法、装置、终端设备和介质 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 22787263 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 22787263 Country of ref document: EP Kind code of ref document: A1 |