CN116846535A - Universal privacy computing method, device, equipment and medium based on homomorphic encryption - Google Patents

Publication number
CN116846535A
Authority
CN
China
Prior art keywords
data
fully homomorphic
encryption
preset
computing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310864942.3A
Other languages
Chinese (zh)
Inventor
关振宇
边松
潘豪文
金意儿
张舟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beihang University
Original Assignee
Beihang University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beihang University filed Critical Beihang University
Priority to CN202310864942.3A priority Critical patent/CN116846535A/en
Publication of CN116846535A publication Critical patent/CN116846535A/en
Pending legal-status Critical Current

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/34 Encoding or coding, e.g. Huffman coding or error correction
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Security & Cryptography (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

This application relates to a universal privacy computing method, device, equipment and medium based on fully homomorphic encryption. The method includes: obtaining the user's original data and encoding it to obtain plaintext data; encrypting the plaintext data based on a preset cryptographic key to obtain fully homomorphic encrypted data; and, according to a preset fully homomorphic computing instruction, calling the operator corresponding to that instruction and performing arithmetic operations and/or logical operations on the fully homomorphic encrypted data to obtain a general privacy computing result. This solves the problems that existing privacy computing frameworks based on fully homomorphic encryption are all tied to specific encryption schemes, have poor universality, are difficult to extend with new algorithms, and cannot fuse different computing modes.

Description

Universal privacy computing method, device, equipment and medium based on homomorphic encryption
Technical Field
The application relates to the technical field of information security, in particular to a universal privacy computing method, device, equipment and medium based on homomorphic encryption.
Background
With the deep integration of new-generation information technologies, represented by blockchain, 5G, the Internet of Things, cloud computing and artificial intelligence, into people's daily life in China, a large amount of personal data is collected, processed and circulated. In response to the strong demand for data privacy protection, research around privacy computing has gradually taken shape; for example, federated learning in the machine learning field, secure multi-party computation and homomorphic encryption in the traditional security and cryptography field, and trusted execution environments in the chip design field are all regarded as privacy computing technologies.
However, different kinds of privacy computing technologies have different security definitions, security levels and computing efficiencies, and the privacy computing field is still in a stage of high-speed development and technology iteration. As a result, academia, the different application industries and government standardization departments lack a unified consensus on privacy protection schemes, and a single privacy computing technology cannot simply be used across different privacy protection scenarios. The main reason for this is that privacy computing protocols with provable security face extremely large computation and communication bandwidth overheads. For example, in the latest top-level conference results, a privacy-preserving neural network inference protocol based on traditional secure multi-party computation requires a wide area network communication bandwidth of 9 Gbytes or more to complete one round of inference (local inference in plaintext requires no communication), while privacy-preserving neural network inference based on fully homomorphic encryption requires very little communication bandwidth (hundreds of Kbytes) but its computation time is more than 1000 times slower than plaintext inference.
In summary, the different kinds of privacy computing schemes suffer respectively from poor universality of a single protocol, many communication rounds, high transmission bandwidth, long computing times and similar problems, so that users lack understanding of and confidence in privacy computing technology, which greatly hinders the practical deployment of advanced privacy computing schemes in industry.
Against this background, lattice-based homomorphic encryption has developed rapidly as a privacy computing scheme. In a homomorphic encryption algorithm, a data owner holding private data encrypts the data and transmits the encrypted data to a computing party; the computing party can directly execute arbitrary computations on the ciphertext without any interaction with the data owner during the process, which further protects the data owner's data security.
With the rapid development of homomorphic encryption technology, more and more algorithms are being designed on top of homomorphic encryption schemes. However, existing privacy computing frameworks based on fully homomorphic encryption are all tied to specific encryption schemes and have poor universality, so a new algorithm is difficult to add to an existing scheme and different computing modes cannot be fused. This problem needs to be solved.
Disclosure of Invention
The application provides a universal privacy computing method, device, equipment and medium based on fully homomorphic encryption, which solve the problems that existing privacy computing frameworks based on fully homomorphic encryption are all tied to specific encryption schemes, have poor universality, are difficult to extend with new algorithms, and cannot fuse different computing modes.
An embodiment of a first aspect of the present application provides a universal privacy computing method based on fully homomorphic encryption, including the steps of: acquiring original data of a user, and encoding the original data of the user to obtain plaintext data; encrypting the plaintext data based on a preset cryptographic key to obtain fully homomorphic encrypted data; and, according to a preset fully homomorphic computing instruction, calling the operator corresponding to the fully homomorphic computing instruction and performing arithmetic operation and/or logical operation on the fully homomorphic encrypted data to obtain a general privacy computing result.
Optionally, in one embodiment of the present application, encoding the original data of the user to obtain plaintext data includes: encoding the original data in a SISD encoding mode, a SIMD-Slot encoding mode or a SIMD-Coeff encoding mode to obtain plaintext data satisfying a preset algebraic structure.
Optionally, in an embodiment of the present application, encrypting the plaintext data based on a preset cryptographic key to obtain fully homomorphic encrypted data includes: based on a preset plaintext/ciphertext conversion operator, encrypting the plaintext data by an LWE encryption, RLWE encryption, MLWE encryption or RGSW encryption method to obtain the fully homomorphic encrypted data.
Optionally, in an embodiment of the present application, calling, according to a preset fully homomorphic computing instruction, the operator corresponding to the fully homomorphic computing instruction and performing arithmetic operation and/or logical operation on the fully homomorphic encrypted data to obtain a general privacy computing result includes: performing arithmetic operation on the fully homomorphic encrypted data based on a preset fully homomorphic arithmetic operator; and performing logical operation on the fully homomorphic encrypted data based on a preset fully homomorphic logical operator.
Optionally, in one embodiment of the present application, performing arithmetic operation and/or logical operation on the fully homomorphic encrypted data includes: performing arithmetic operation and/or logical operation on the fully homomorphic encrypted data by using a mathematical base library, wherein the mathematical base library includes at least one of an integer algebraic structure, a polynomial algebraic structure, a number theoretic transform and a residue number system.
An embodiment of the second aspect of the present application provides a universal privacy computing device based on fully homomorphic encryption, comprising: an encoding module for obtaining the original data of the user and encoding the original data of the user to obtain plaintext data; an encryption module for encrypting the plaintext data based on a preset cryptographic key to obtain fully homomorphic encrypted data; and a computing module for calling, according to a preset fully homomorphic computing instruction, the operator corresponding to the fully homomorphic computing instruction and performing arithmetic operation and/or logical operation on the fully homomorphic encrypted data to obtain a general privacy computing result.
Optionally, in an embodiment of the present application, the encoding module is specifically configured to encode the original data by means of SISD encoding, SIMD-Slot encoding or SIMD-Coeff encoding, to obtain plaintext data satisfying a preset algebraic structure.
Optionally, in an embodiment of the present application, the encryption module is specifically configured to encrypt the plaintext data by an LWE encryption, RLWE encryption, MLWE encryption or RGSW encryption method based on a preset plaintext/ciphertext conversion operator, to obtain the fully homomorphic encrypted data.
Optionally, in one embodiment of the present application, the computing module includes: a first operation unit for performing arithmetic operation on the fully homomorphic encrypted data based on a preset fully homomorphic arithmetic operator; and a second operation unit for performing logical operation on the fully homomorphic encrypted data based on a preset fully homomorphic logical operator.
Optionally, in one embodiment of the present application, the computing module further includes: a calling unit for performing arithmetic operation and/or logical operation on the fully homomorphic encrypted data by using a mathematical base library, wherein the mathematical base library includes at least one of an integer algebraic structure, a polynomial algebraic structure, a number theoretic transform and a residue number system.
An embodiment of a third aspect of the present application provides an electronic device, including: a memory, a processor and a computer program stored in the memory and capable of running on the processor, wherein the processor executes the program to implement the universal privacy computing method based on fully homomorphic encryption described in the above embodiments.
An embodiment of a fourth aspect of the present application provides a computer-readable storage medium storing a computer program which, when executed by a processor, implements the universal privacy computing method based on fully homomorphic encryption described above.
Thus, embodiments of the present application have the following beneficial effects:
According to the embodiments of the application, the original data of the user is acquired and encoded to obtain plaintext data; the plaintext data is encrypted based on a preset cryptographic key to obtain fully homomorphic encrypted data; and, according to a preset fully homomorphic computing instruction, the operator corresponding to that instruction is called and arithmetic operation and/or logical operation is performed on the fully homomorphic encrypted data to obtain a general privacy computing result. This removes the barriers between different fully homomorphic encryption schemes, allows complex computing tasks that mix arithmetic and logical operations under fully homomorphic encryption to be completed effectively, makes new instructions easy to add, and makes hardware acceleration easy to realize. It thereby solves the problems that existing privacy computing frameworks based on fully homomorphic encryption are all tied to a specific encryption scheme, have poor universality, are difficult to extend with new algorithms, and cannot fuse different computing modes.
Additional aspects and advantages of the application will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the application.
Drawings
The foregoing and/or additional aspects and advantages of the application will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings, in which:
FIG. 1 is a schematic diagram of a universal privacy computing method based on fully homomorphic encryption;
FIG. 2 is a flow chart of a universal privacy computing method based on fully homomorphic encryption in accordance with an embodiment of the present application;
FIG. 3 is a schematic diagram illustrating a cryptographic operation library according to an embodiment of the present application;
FIG. 4 is an exemplary diagram of a generic privacy computing device based on homomorphic encryption in accordance with an embodiment of the application;
FIG. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Wherein, 10-a universal privacy computing device based on homomorphic encryption, 100-an encoding module, 200-an encrypting module, 300-a computing module, 501-a memory, 502-a processor, 503-a communication interface.
Detailed Description
Embodiments of the present application are described in detail below, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to like or similar elements or elements having like or similar functions throughout. The embodiments described below by referring to the drawings are illustrative and intended to explain the present application and should not be construed as limiting the application.
The following describes a universal privacy computing method, device, equipment and medium based on fully homomorphic encryption according to embodiments of the application with reference to the accompanying drawings. To address the problems mentioned in the background, such as the poor universality of existing privacy computing frameworks based on fully homomorphic encryption, the application provides a universal privacy computing method based on fully homomorphic encryption. In this method, the original data of a user is obtained and encoded to obtain plaintext data; the plaintext data is encrypted based on a preset cryptographic key to obtain fully homomorphic encrypted data; and, according to a preset fully homomorphic computing instruction, the operator corresponding to that instruction is called and arithmetic operation and/or logical operation is performed on the fully homomorphic encrypted data to obtain a general privacy computing result. This removes the barriers between different fully homomorphic encryption schemes, allows complex computing tasks that mix arithmetic and logical operations under fully homomorphic encryption to be completed effectively, makes new instructions easy to add, and makes hardware acceleration easy to realize. It thereby solves the problems that existing privacy computing frameworks based on fully homomorphic encryption are all tied to a specific encryption scheme, have poor universality, are difficult to extend with new algorithms, and cannot fuse different computing modes.
To help those skilled in the art understand the universal privacy computing method based on fully homomorphic encryption, the logical architecture of the present application is briefly described below.
The logical architecture of the universal privacy computing method based on fully homomorphic encryption mainly comprises a mathematical base library, a data type library, a cryptographic operation library and a computing instruction library, as shown in FIG. 1. The mathematical base library provides the underlying mathematical structures and mathematical operations for the whole computing architecture. The data type library defines the different data types involved in the computation, including original data, plaintext data, cryptographic keys, ciphertext data and operation keys. The cryptographic operation library defines various basic homomorphic cryptographic algorithms and operators and supports the operation instructions in the computing instruction library. The computing instruction library implements a number of homomorphic instruction operators, and completes the corresponding computing instructions by calling the corresponding elements of the cryptographic operation library and the data type library.
Specifically, FIG. 2 is a flowchart of a universal privacy computing method based on fully homomorphic encryption according to an embodiment of the present application.
As shown in FIG. 2, the universal privacy computing method based on fully homomorphic encryption comprises the following steps:
In step S201, the original data of the user is obtained, and the original data of the user is encoded to obtain plaintext data.
In the embodiment of the application, the original data of the user, of a type defined in the preset data type library (such as a 32-bit integer, or a floating point vector or matrix), is first obtained. The computing instruction library then calls the encoding operation from the cryptographic operation library to encode the original data, obtaining the plaintext data corresponding to the original data of the user. The data type library defines the different data types involved in the computation, provides data type support for the compiler and the other libraries, and can supply the data types that the compiler and the other libraries require, which makes the computation more flexible. Original data is the unencrypted, real-world data type produced in the actual application. Plaintext data is the not-yet-encrypted data of a homomorphic encryption scheme: in an LWE-based homomorphic scheme the plaintext data is an integer, and in an RLWE-based homomorphic scheme the plaintext data is a polynomial.
Those skilled in the art will appreciate that encoding is important in a fully homomorphic encryption scheme: the encoding mode largely determines the form of the scheme, and the key difference between different fully homomorphic encryption schemes (such as CKKS and BFV) is that their encoding modes differ. For different original data types, the cryptographic operation library can encode the original data into different plaintext data types.
Optionally, in one embodiment of the present application, encoding the original data of the user to obtain plaintext data includes: encoding the original data in a SISD encoding mode, a SIMD-Slot encoding mode or a SIMD-Coeff encoding mode to obtain plaintext data satisfying a preset algebraic structure.
It should be noted that, in the embodiment of the present application, the original data may be encoded by means of SISD encoding, SIMD-Slot encoding or SIMD-Coeff encoding, so as to obtain plaintext data satisfying a certain algebraic structure; for example, integer plaintext data needs to lie in a certain residue class, and vector plaintext data needs to lie in a certain ring.
Therefore, by obtaining the plaintext data, the embodiment of the application provides reliable data support for the subsequent generation of ciphertext data.
In step S202, plaintext data is encrypted based on a preset cryptographic key, so as to obtain fully homomorphic encrypted data.
After obtaining the plaintext data, the embodiment of the application can further call the encryption operation from the cryptographic operation library through the computing instruction library, and encrypt the obtained plaintext data with the cryptographic key from the data type library, thereby obtaining ciphertext data as defined in the data type library.
The cryptographic key is the key used to encrypt plaintext data into ciphertext data, and includes symmetric cryptographic keys and asymmetric cryptographic keys. Ciphertext data is the encrypted data of a homomorphic encryption scheme: in an LWE-based homomorphic scheme the ciphertext data is an integer vector, and in an RLWE-based homomorphic scheme the ciphertext data is a polynomial vector or a polynomial matrix. The cryptographic operation library is the core module of homomorphic encryption. It defines various basic homomorphic cryptographic algorithms and operators and provides the two important functions of encoding and encryption, with the computation process shown in FIG. 3: the cryptographic operation library can encode different original data into different plaintext data types and encrypt the plaintext data into different ciphertext types, thereby supporting the operation instructions in the computing instruction library.
Optionally, in one embodiment of the present application, encrypting the plaintext data based on a preset cryptographic key to obtain fully homomorphic encrypted data includes: based on a preset plaintext/ciphertext conversion operator, encrypting plaintext data by using an LWE encryption, RLWE encryption, MLWE encryption or RGSW encryption method to obtain fully homomorphic encrypted data.
It should be noted that, in the embodiment of the present application, the cryptographic operation library can use the cryptographic key, that is, the preset plaintext/ciphertext conversion operator, to encrypt different plaintext data symmetrically or asymmetrically by an LWE encryption, RLWE encryption, MLWE encryption or RGSW encryption method, so as to obtain fully homomorphic encrypted data.
Therefore, the embodiment of the application acquires the full homomorphic encryption data by encrypting the plaintext data, thereby providing data support for the follow-up full homomorphic calculation instruction.
In step S203, according to the preset fully homomorphic computing instruction, the operator corresponding to the fully homomorphic computing instruction is called, and arithmetic operation and/or logical operation is performed on the fully homomorphic encrypted data, so as to obtain a general privacy computing result.
In the actual computation, for different fully homomorphic computing tasks, the embodiment of the application can use a compiler to call the corresponding data types in the data type library and the computing instructions in the computing instruction library, and the computing instruction library can call encryption, encoding and other cryptographic operations from the cryptographic operation library, which in turn completes the corresponding cryptographic operation through the mathematical base library. The computation is therefore independent of the fully homomorphic encryption scheme, complex tasks that combine homomorphic arithmetic operations and homomorphic logical operations can be completed, and the method is both universal and efficient.
When a new computing instruction or a new data type needs to be added, it is only necessary to define the new computing instruction in the computing instruction library or add the new data type to the data type library; the overall computing architecture does not need to be modified, so the method has good extensibility. If the computing architecture is to be hardware accelerated, an acceleration interface can be provided in the mathematical base library to accelerate the underlying mathematical operations directly, so hardware acceleration is easy.
Optionally, in an embodiment of the present application, calling, according to a preset fully homomorphic computing instruction, the operator corresponding to the fully homomorphic computing instruction and performing arithmetic operation and/or logical operation on the fully homomorphic encrypted data to obtain a general privacy computing result includes: performing arithmetic operation on the fully homomorphic encrypted data based on a preset fully homomorphic arithmetic operator; and performing logical operation on the fully homomorphic encrypted data based on a preset fully homomorphic logical operator.
It should be noted that the computing instruction library in the embodiment of the present application is the uppermost module of the whole computing architecture; it implements multiple homomorphic instruction operators and completes the corresponding computing instructions by calling the corresponding elements of the cryptographic operation library and the data type library. The computing instruction library defines and implements a series of fully homomorphic arithmetic operators, fully homomorphic logical operators, plaintext/ciphertext conversion operators and the like, and provides various fully homomorphic computing instructions for homomorphic arithmetic operations and homomorphic logical operations.
The fully homomorphic arithmetic operators include addition, subtraction, homomorphic matrix multiplication, homomorphic convolution, rotation, linearization, hierarchical addition, hierarchical multiplication and other operations; the fully homomorphic logical operators include the homomorphic NAND gate, ciphertext conversion, key rotation, blind rotation, function bootstrapping, selector, modulus rotation and the like; the plaintext/ciphertext conversion operators are used to convert between plaintext and ciphertext. The instructions in the computing instruction library are independent of the encryption scheme, and the ciphertext types corresponding to different encryption schemes can be computed on with the same instruction.
Therefore, the embodiment of the application can compute complex tasks comprising homomorphic arithmetic operations and homomorphic logical operations through different types of ciphertext conversion schemes, and can build more complex homomorphic computing instructions out of the existing computing instructions, so as to provide the instructions a compiler requires and realize a variety of complex computing operations.
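The layering described above, shown as an added Python example (not code from the patent): a mathematical base, ciphertext data types, an LWE/RLWE operation library, and an instruction table whose `add` instruction is invoked the same way for either ciphertext type. The parameters `Q`, `T`, `N`, the noise range, the concrete encodings used for SISD and SIMD-Coeff, and all function names are assumptions for illustration; the parameters are far too small to be secure.

```python
import secrets
from dataclasses import dataclass

# Assumed toy parameters: insecure, chosen only so the arithmetic is visible.
Q, T, N = 1 << 15, 16, 8     # ciphertext modulus, plaintext modulus, dimension / ring degree
DELTA = Q // T               # scaling factor that lifts a message into the high bits

# --- Mathematical base library: integer and polynomial algebraic structures ---
def noise():
    return secrets.randbelow(5) - 2                  # small error in [-2, 2]

def uniform_vec():
    return [secrets.randbelow(Q) for _ in range(N)]

def vec_add(u, v):
    return [(x + y) % Q for x, y in zip(u, v)]

def inner(u, v):
    return sum(x * y for x, y in zip(u, v)) % Q

def poly_mul(a, b):
    """Product in Z_Q[X]/(X^N + 1), i.e. a negacyclic convolution."""
    out = [0] * N
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            sign = 1 if i + j < N else -1            # X^N wraps around to -1
            out[(i + j) % N] = (out[(i + j) % N] + sign * x * y) % Q
    return out

# --- Data type library: one ciphertext type per scheme ---
@dataclass
class LWECiphertext:         # integer vector a and integer b
    a: list
    b: int

@dataclass
class RLWECiphertext:        # pair of polynomials (a, b)
    a: list
    b: list

# --- Cryptographic operation library: encoding, encryption, decryption ---
def keygen():
    # Binary secret; this example reuses it as an LWE vector and an RLWE polynomial.
    return [secrets.randbelow(2) for _ in range(N)]

def encode_sisd(m):
    return DELTA * (m % T)                           # one integer -> one residue class

def encode_simd_coeff(values):
    if len(values) != N:
        raise ValueError(f"expected exactly {N} values")
    return [DELTA * (v % T) for v in values]         # one value per polynomial coefficient

def decode(phase):
    return ((phase + DELTA // 2) // DELTA) % T       # round away the noise

def lwe_encrypt(sk, m):
    a = uniform_vec()
    return LWECiphertext(a, (inner(a, sk) + encode_sisd(m) + noise()) % Q)

def lwe_decrypt(sk, ct):
    return decode((ct.b - inner(ct.a, sk)) % Q)

def rlwe_encrypt(sk, values):
    a, pt = uniform_vec(), encode_simd_coeff(values)
    b = [(x + p + noise()) % Q for x, p in zip(poly_mul(a, sk), pt)]
    return RLWECiphertext(a, b)

def rlwe_decrypt(sk, ct):
    mask = poly_mul(ct.a, sk)
    return [decode((b - x) % Q) for b, x in zip(ct.b, mask)]

# --- Computing instruction library: (instruction name, ciphertext type) -> operator ---
INSTRUCTIONS = {}

def instruction(name, ct_type):
    def register(fn):
        INSTRUCTIONS[(name, ct_type)] = fn
        return fn
    return register

@instruction("add", LWECiphertext)
def _lwe_add(x, y):
    return LWECiphertext(vec_add(x.a, y.a), (x.b + y.b) % Q)

@instruction("add", RLWECiphertext)
def _rlwe_add(x, y):
    return RLWECiphertext(vec_add(x.a, y.a), vec_add(x.b, y.b))

def execute(name, x, y):
    """Run one instruction; the caller never names the encryption scheme."""
    if type(x) is not type(y):
        raise TypeError("operands use different ciphertext types; convert one first")
    if (name, type(x)) not in INSTRUCTIONS:
        raise KeyError(f"no operator registered for {name!r} on {type(x).__name__}")
    return INSTRUCTIONS[(name, type(x))](x, y)

def demo():
    sk = keygen()
    scalar = execute("add", lwe_encrypt(sk, 5), lwe_encrypt(sk, 9))
    packed = execute("add", rlwe_encrypt(sk, [1, 2, 3, 4, 5, 6, 7, 8]),
                     rlwe_encrypt(sk, [8, 7, 6, 5, 4, 3, 2, 15]))
    return lwe_decrypt(sk, scalar), rlwe_decrypt(sk, packed)

if __name__ == "__main__":
    print(demo())
```

Registering a further operator with `@instruction(...)` extends the instruction table without touching the other layers, and mixing an LWE operand with an RLWE operand is rejected until one of them has been converted.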
Optionally, in one embodiment of the present application, performing arithmetic and/or logical operations on the isomorphic encryption data comprises: and performing arithmetic operation and/or logical operation on the fully homomorphic encryption data by using a mathematical base, wherein the mathematical base comprises at least one of an integer algebraic structure, a polynomial algebraic structure, a number theory transformation and a remainder system.
In the embodiment of the application, the mathematical base is used as the basis of the whole privacy calculation framework, provides the mathematical structure and mathematical operation support of the bottom layer, and performs arithmetic operation and/or logic operation on the isomorphic encryption data by using an operation key, wherein the operation key consists of a series of ciphertext, and most of operation keys are public and can be used for calculation of homomorphic logic circuits.
The mathematical base described above includes four basic mathematical structures and operations, namely an integer algebraic structure, a polynomial algebraic structure, a number-theory transformation and a residue number system. The integer algebra structure is the most basic mathematical structure in the full homomorphic encryption, the polynomial algebra structure is used for supporting the full homomorphic polynomial ciphertext operation, the number theory transformation is used for supporting the multiplication operation on the full homomorphic ciphertext, and the remainder system is used for supporting the full homomorphic operation of the big ciphertext. The mathematical structure and the operation are widely applied to full homomorphic encryption, can support various calculation operations such as addition, subtraction, multiplication and the like, and provide reliable mathematical structure and mathematical operation basis for other libraries.
According to the universal privacy computing method based on fully homomorphic encryption, the original data of the user is obtained and encoded to obtain plaintext data; the plaintext data is encrypted based on a preset cryptographic key to obtain fully homomorphic encrypted data; and, according to a preset fully homomorphic computing instruction, the operator corresponding to the fully homomorphic computing instruction is called and arithmetic operations and/or logical operations are performed on the fully homomorphic encrypted data to obtain a general privacy computing result. This removes the barriers between different fully homomorphic encryption schemes, allows complex computing tasks that mix arithmetic operations and logical operations to be completed effectively under fully homomorphic encryption, and makes it easy to add new instructions and to apply hardware acceleration.
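The three steps summarized above (encode, encrypt, dispatch each instruction to its operator), as an added sketch that is not the patent's implementation: a toy LWE scheme in which every ciphertext is tagged with its plaintext space so that arithmetic and logic operands cannot be mixed by accident. The parameters `Q`, `N`, `NOISE` and the opcode names are assumptions; only the linear gates XOR and NOT are shown, because gates such as AND require bootstrapping in LWE-based schemes.

```python
# Added illustration: toy LWE, parameters far too small to be secure.
import random

Q, N, NOISE = 1 << 16, 16, 4   # modulus, dimension, noise bound (all assumed)


def keygen(rng):
    return [rng.randrange(2) for _ in range(N)]        # binary secret key


def encode(m, t):
    """SISD-style encoding: one value per plaintext, scaled by delta = Q // t."""
    return (m % t) * (Q // t)


def encrypt(m, t, sk, rng):
    a = [rng.randrange(Q) for _ in range(N)]
    e = rng.randint(-NOISE, NOISE)
    b = (sum(x * s for x, s in zip(a, sk)) + encode(m, t) + e) % Q
    return {"a": a, "b": b, "t": t}                    # t tags the plaintext space


def decrypt(ct, sk):
    delta = Q // ct["t"]
    phase = (ct["b"] - sum(x * s for x, s in zip(ct["a"], sk))) % Q
    return ((phase + delta // 2) // delta) % ct["t"]   # rounding removes the noise


def _linear(x, y, sign):
    """Shared body of ADD/SUB/XOR: component-wise x + sign*y mod Q."""
    if x["t"] != y["t"]:
        raise ValueError("operands are in different plaintext spaces")
    a = [(u + sign * v) % Q for u, v in zip(x["a"], y["a"])]
    return {"a": a, "b": (x["b"] + sign * y["b"]) % Q, "t": x["t"]}


def op_add(x, y):
    return _linear(x, y, 1)


def op_sub(x, y):
    return _linear(x, y, -1)


def op_xor(x, y):
    if x["t"] != 2:
        raise ValueError("XOR expects bit ciphertexts (t == 2)")
    return _linear(x, y, 1)                            # addition mod 2 is XOR


def op_not(x):
    if x["t"] != 2:
        raise ValueError("NOT expects a bit ciphertext (t == 2)")
    return {"a": list(x["a"]), "b": (x["b"] + encode(1, 2)) % Q, "t": 2}


# Instruction set: hypothetical opcode names mapped to their operators.
OPERATORS = {"ADD": op_add, "SUB": op_sub, "XOR": op_xor, "NOT": op_not}


def run(program, regs):
    """Execute (opcode, dst, src...) instructions over a register file of ciphertexts."""
    for opcode, dst, *srcs in program:
        regs[dst] = OPERATORS[opcode](*(regs[s] for s in srcs))
    return regs


def demo(seed=1):
    rng = random.Random(seed)
    sk = keygen(rng)
    regs = {"x": encrypt(5, 16, sk, rng), "y": encrypt(9, 16, sk, rng),   # integers mod 16
            "p": encrypt(1, 2, sk, rng), "q": encrypt(1, 2, sk, rng)}     # bits
    program = [("ADD", "s", "x", "y"), ("SUB", "d", "x", "y"),
               ("XOR", "r", "p", "q"), ("NOT", "n", "r")]
    run(program, regs)
    return {name: decrypt(regs[name], sk) for name in ("s", "d", "r", "n")}
```

Each addition sums the operands' noise, so a real deployment has to budget the number of chained operations against `delta // 2` or refresh the ciphertext.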
Next, a general privacy computing device based on homomorphic encryption according to an embodiment of the present application will be described with reference to the accompanying drawings.
FIG. 4 is a block diagram of a generic privacy computing device based on homomorphic encryption in accordance with an embodiment of the present application.
As shown in fig. 4, the universal privacy computing device 10 based on homomorphic encryption includes: encoding module 100, encryption module 200, and computing module 300.
The encoding module 100 is configured to obtain original data of a user, and encode the original data of the user to obtain plaintext data.
The encryption module 200 is configured to encrypt the plaintext data based on a preset cryptographic key, thereby obtaining fully homomorphic encrypted data.
The computing module 300 is configured to call an operator corresponding to the fully homomorphic computing instruction according to a preset fully homomorphic computing instruction, and perform arithmetic operation and/or logic operation on the fully homomorphic encrypted data to obtain a general privacy computing result.
Optionally, in one embodiment of the present application, the encoding module 100 is specifically configured to encode the original data by means of SISD encoding, SIMD-Slot encoding or SIMD-Coeff encoding, so as to obtain plaintext data that satisfies a preset algebraic structure.
Optionally, in one embodiment of the present application, the encryption module 200 is specifically configured to encrypt the plaintext data by LWE encryption, RLWE encryption, MLWE encryption or RGSW encryption based on a preset plaintext/ciphertext conversion operator, to obtain the fully homomorphic encrypted data.
Optionally, in one embodiment of the present application, the computing module 300 includes: a first operation unit and a second operation unit.
The first operation unit is configured to perform arithmetic operations on the fully homomorphic encrypted data based on a preset fully homomorphic arithmetic operator.
The second operation unit is configured to perform logic operations on the fully homomorphic encrypted data based on a preset fully homomorphic logic operator.
Optionally, in one embodiment of the present application, the computing module 300 further includes: a calling unit configured to perform arithmetic operations and/or logical operations on the fully homomorphic encrypted data by using a mathematical base library, wherein the mathematical base library comprises at least one of an integer algebraic structure, a polynomial algebraic structure, a number-theoretic transform and a residue number system.
It should be noted that the foregoing explanation of the embodiment of the general privacy calculating method based on homomorphic encryption is also applicable to the general privacy calculating device based on homomorphic encryption of this embodiment, and will not be repeated here.
According to the universal privacy computing device based on fully homomorphic encryption, the original data of the user is obtained and encoded to obtain plaintext data; the plaintext data is encrypted based on a preset cryptographic key to obtain fully homomorphic encrypted data; and, according to a preset fully homomorphic computing instruction, the operator corresponding to the fully homomorphic computing instruction is called and arithmetic operations and/or logical operations are performed on the fully homomorphic encrypted data to obtain a general privacy computing result. This removes the barriers between different fully homomorphic encryption schemes, allows complex computing tasks that mix arithmetic operations and logical operations to be completed effectively under fully homomorphic encryption, and makes it easy to add new instructions and to apply hardware acceleration.
Fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present application. The electronic device may include:
memory 501, processor 502, and a computer program stored on memory 501 and executable on processor 502.
When executing the program, the processor 502 implements the general privacy computing method based on fully homomorphic encryption provided in the above embodiments.
Further, the electronic device further includes:
a communication interface 503 for communication between the memory 501 and the processor 502.
The memory 501 is configured to store a computer program executable on the processor 502.
The memory 501 may include high-speed RAM and may also include non-volatile memory, such as at least one disk memory.
If the memory 501, the processor 502, and the communication interface 503 are implemented independently, they may be connected to each other and communicate with each other via a bus. The bus may be an Industry Standard Architecture (ISA) bus, a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. Buses may be divided into address buses, data buses, control buses, and so on. For ease of illustration, only one thick line is shown in FIG. 5, but this does not mean that there is only one bus or one type of bus.
Alternatively, in a specific implementation, if the memory 501, the processor 502, and the communication interface 503 are integrated on a chip, the memory 501, the processor 502, and the communication interface 503 may perform communication with each other through internal interfaces.
The processor 502 may be a central processing unit (Central Processing Unit, abbreviated as CPU) or an application specific integrated circuit (Application Specific Integrated Circuit, abbreviated as ASIC) or one or more integrated circuits configured to implement embodiments of the present application.
The embodiment of the application also provides a computer-readable storage medium on which a computer program is stored; when executed by a processor, the program implements the general privacy computing method based on homomorphic encryption described above.
In the description of the present specification, a description referring to the terms "one embodiment," "some embodiments," "examples," "specific examples," or "some examples" means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present application. In this specification, schematic representations of the above terms are not necessarily directed to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or N embodiments or examples. In addition, those skilled in the art may combine the different embodiments or examples described in this specification, and the features of those embodiments or examples, provided they do not contradict each other.
Furthermore, the terms "first," "second," and the like, are used for descriptive purposes only and are not to be construed as indicating or implying a relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defining "a first" or "a second" may explicitly or implicitly include at least one such feature. In the description of the present application, "N" means at least two, for example, two, three, etc., unless specifically defined otherwise.
Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing specific logical functions or steps of the process, and additional implementations are included within the scope of the preferred embodiment of the present application in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order from that shown or discussed, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the embodiments of the present application.
Logic and/or steps represented in the flowcharts or otherwise described herein, e.g., an ordered listing of executable instructions for implementing logical functions, can be embodied in any computer-readable medium for use by or in connection with an instruction execution system, apparatus, or device, such as a computer-based system, processor-containing system, or other system that can fetch the instructions from the instruction execution system, apparatus, or device and execute the instructions. For the purposes of this description, a "computer-readable medium" can be any means that can contain, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device. More specific examples (a non-exhaustive list) of the computer-readable medium include the following: an electrical connection (electronic device) having one or N wires, a portable computer cartridge (magnetic device), a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber device, and a portable compact disc read-only memory (CDROM). In addition, the computer-readable medium may even be paper or another suitable medium on which the program is printed, as the program may be electronically captured, for example by optically scanning the paper or other medium, then compiled, interpreted or otherwise processed in a suitable manner if necessary, and then stored in a computer memory.
It is to be understood that portions of the present application may be implemented in hardware, software, firmware, or a combination thereof. In the above-described embodiments, the N steps or methods may be implemented in software or firmware stored in a memory and executed by a suitable instruction execution system. If implemented in hardware, as in another embodiment, they may be implemented using any one or a combination of the following techniques known in the art: discrete logic circuits having logic gates for implementing logic functions on data signals, application-specific integrated circuits having suitable combinational logic gates, programmable gate arrays (PGAs), field-programmable gate arrays (FPGAs), and the like.
Those of ordinary skill in the art will appreciate that all or a portion of the steps carried out in the method of the above-described embodiments may be implemented by a program to instruct related hardware, where the program may be stored in a computer readable storage medium, and where the program, when executed, includes one or a combination of the steps of the method embodiments.
In addition, each functional unit in the embodiments of the present application may be integrated in one processing module, or each unit may exist alone physically, or two or more units may be integrated in one module. The integrated modules may be implemented in hardware or in software functional modules. The integrated modules may also be stored in a computer readable storage medium if implemented in the form of software functional modules and sold or used as a stand-alone product.
The above-mentioned storage medium may be a read-only memory, a magnetic disk, an optical disk, or the like. While embodiments of the present application have been shown and described above, it will be understood that the above embodiments are illustrative and are not to be construed as limiting the application, and that changes, modifications, substitutions and variations may be made to the above embodiments by one of ordinary skill in the art within the scope of the application.

Claims (12)

1. A universal privacy computing method based on fully homomorphic encryption, characterized by comprising the following steps: obtaining the user's original data and encoding the user's original data to obtain plaintext data; encrypting the plaintext data based on a preset cryptographic key to obtain fully homomorphic encrypted data; and, according to a preset fully homomorphic computing instruction, calling the operator corresponding to the fully homomorphic computing instruction and performing arithmetic operations and/or logical operations on the fully homomorphic encrypted data to obtain a universal privacy computing result.

2. The method according to claim 1, characterized in that encoding the user's original data to obtain plaintext data comprises: encoding the original data by SISD encoding, SIMD-Slot encoding or SIMD-Coeff encoding to obtain the plaintext data that satisfies a preset algebraic structure.

3. The method according to claim 2, characterized in that encrypting the plaintext data based on a preset cryptographic key to obtain fully homomorphic encrypted data comprises: encrypting the plaintext data by LWE encryption, RLWE encryption, MLWE encryption or RGSW encryption, based on a preset plaintext/ciphertext conversion operator, to obtain the fully homomorphic encrypted data.

4. The method according to claim 1, characterized in that calling, according to the preset fully homomorphic computing instruction, the operator corresponding to the fully homomorphic computing instruction and performing arithmetic operations and/or logical operations on the fully homomorphic encrypted data to obtain a universal privacy computing result comprises: performing arithmetic operations on the fully homomorphic encrypted data based on a preset fully homomorphic arithmetic operator; and performing logical operations on the fully homomorphic encrypted data based on a preset fully homomorphic logic operator.

5. The method according to claim 1, characterized in that performing arithmetic operations and/or logical operations on the fully homomorphic encrypted data comprises: performing arithmetic operations and/or logical operations on the fully homomorphic encrypted data by using a mathematical base library, wherein the mathematical base library comprises at least one of an integer algebraic structure, a polynomial algebraic structure, a number-theoretic transform and a residue number system.

6. A universal privacy computing device based on fully homomorphic encryption, characterized by comprising: an encoding module, configured to obtain the user's original data and encode the user's original data to obtain plaintext data; an encryption module, configured to encrypt the plaintext data based on a preset cryptographic key to obtain fully homomorphic encrypted data; and a computing module, configured to call, according to a preset fully homomorphic computing instruction, the operator corresponding to the fully homomorphic computing instruction and to perform arithmetic operations and/or logical operations on the fully homomorphic encrypted data to obtain a universal privacy computing result.

7. The device according to claim 6, characterized in that the encoding module is specifically configured to: encode the original data by SISD encoding, SIMD-Slot encoding or SIMD-Coeff encoding to obtain the plaintext data that satisfies a preset algebraic structure.

8. The device according to claim 7, characterized in that the encryption module is specifically configured to: encrypt the plaintext data by LWE encryption, RLWE encryption, MLWE encryption or RGSW encryption, based on a preset plaintext/ciphertext conversion operator, to obtain the fully homomorphic encrypted data.

9. The device according to claim 6, characterized in that the computing module comprises: a first operation unit, configured to perform arithmetic operations on the fully homomorphic encrypted data based on a preset fully homomorphic arithmetic operator; and a second operation unit, configured to perform logical operations on the fully homomorphic encrypted data based on a preset fully homomorphic logic operator.

10. The device according to claim 6, characterized in that the computing module further comprises: a calling unit, configured to perform arithmetic operations and/or logical operations on the fully homomorphic encrypted data by using a mathematical base library, wherein the mathematical base library comprises at least one of an integer algebraic structure, a polynomial algebraic structure, a number-theoretic transform and a residue number system.

11. An electronic device, characterized by comprising: a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor executes the program to implement the universal privacy computing method based on fully homomorphic encryption according to any one of claims 1-5.

12. A computer-readable storage medium on which a computer program is stored, characterized in that the program is executed by a processor to implement the universal privacy computing method based on fully homomorphic encryption according to any one of claims 1-5.
CN202310864942.3A 2023-07-13 2023-07-13 Universal privacy computing method, device, equipment and medium based on homomorphic encryption Pending CN116846535A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310864942.3A CN116846535A (en) 2023-07-13 2023-07-13 Universal privacy computing method, device, equipment and medium based on homomorphic encryption

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310864942.3A CN116846535A (en) 2023-07-13 2023-07-13 Universal privacy computing method, device, equipment and medium based on homomorphic encryption

Publications (1)

Publication Number Publication Date
CN116846535A true CN116846535A (en) 2023-10-03

Family

ID=88161521

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310864942.3A Pending CN116846535A (en) 2023-07-13 2023-07-13 Universal privacy computing method, device, equipment and medium based on homomorphic encryption

Country Status (1)

Country Link
CN (1) CN116846535A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN119995830A (en) * 2025-03-05 2025-05-13 山东大学 A CKKS bootstrapping method and system based on blind rotation

Similar Documents

Publication Publication Date Title
KR102550812B1 (en) Method for comparing ciphertext using homomorphic encryption and apparatus for executing thereof
CN112070222B (en) Processing device, accelerator and method for federal learning
JP2017515195A (en) Solve digital logic constraint problems via adiabatic quantum computation
CN102314580A (en) Vector and matrix operation-based calculation-supported encryption method
CN113098675B (en) Binary data encryption system and method based on polynomial complete homomorphism
CN117440103B (en) Privacy data processing method and system based on homomorphic encryption and space optimization
CN106570815A (en) Image encryption method based on double-chaos system and blocking
CN113761563B (en) Data intersection calculation method and device and electronic equipment
WO2024174107A1 (en) Homomorphic decryption method and apparatus, and non-volatile storage medium and computer device
CN116484415A (en) Privacy decision tree reasoning method based on fully homomorphic encryption
CN111813544B (en) Processing method, device, scheduling and management system and medium for computing task
Wang et al. Reducing garbled circuit size while preserving circuit gate privacy
CN111079153B (en) Security modeling method and device, electronic equipment and storage medium
CN114244517A (en) Data encryption and signature method and device, computer equipment and storage medium
CN116846535A (en) Universal privacy computing method, device, equipment and medium based on homomorphic encryption
Chen et al. Accelerating private large transformers inference through fine-grained collaborative computation
JP7248120B2 (en) CRYPTOGRAPHIC SYSTEM, KEY GENERATOR, ENCRYPTER, DECODER, AND PROGRAM
CN116415271A (en) Data processing method and computing platform
WO2025213755A1 (en) Encryption method applicable to industrial control system, decryption method applicable to industrial control system, round key expansion method, and apparatus
Yang et al. A lightweight full homomorphic encryption scheme on fully-connected layer for CNN hardware accelerator achieving security inference
CN112395636A (en) Power grid data encryption model training method, system, storage medium and equipment
CN114817954B (en) Image processing methods, systems and apparatus
CN117349685A (en) A communication data clustering method, system, terminal and medium
JP2024533214A (en) Machine learning based cryptanalysis
Shortell et al. Secure Convolutional Neural Network using FHE

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination