CN115333746A - GPU-based multi-party secure computing method and system, and electronic device

Info

Publication number: CN115333746A
Authority: CN (China)
Prior art keywords: matrix, privacy sharing, calculation, gpu, verification code
Legal status: Pending
Application number: CN202210835702.6A
Other languages: Chinese (zh)
Inventors: 李傲轩, 方建, 龚健
Current Assignee: Individual
Original Assignee: Individual

Classifications

    • H04L9/3218 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs
    • G06F17/16 Matrix or vector computation, e.g. matrix-matrix or matrix-vector multiplication, matrix factorization
    • G06N3/08 Neural networks; Learning methods
    • H04L2209/12 Details relating to cryptographic hardware or logic circuitry
    • H04L2209/46 Secure multiparty computation, e.g. millionaire problem

Abstract

The invention relates to the technical field of security, in particular to a GPU-based multi-party secure computing method and system and an electronic device. The input matrix of the current user is obtained in the CPU and transmitted to the GPU for parallel calculation, where it is decomposed into n privacy sharing matrices. An information verification code matrix is calculated according to a key selected by the current user in combination with the SPDZ algorithm and sent to the CPU, where a zero-knowledge proof is calculated. The 1 privacy sharing matrix selected by the current user is obtained, and the other n-1 privacy sharing matrices, the information verification code matrix and the zero-knowledge proof are disclosed to the other users and verified. If the information verification code matrix is correct, calculation starts and a calculation result is obtained; if it is incorrect, calculation is terminated. In this technical scheme, the algorithm on the CPU is ported to the GPU for parallel calculation, and a series of prior-art algorithms are extended to matrix operations, so that the private information of the patient/user is protected while the efficiency of the multi-party secure computation used by machine learning is improved.

Description

GPU-based multi-party secure computing method and system, and electronic device
Technical Field
The invention relates to the technical field of security, in particular to a GPU-based multi-party secure computing method and system and an electronic device.
Background
The internet has transitioned from the IT era to the DT (Data Technology) era. Data represents the core competitiveness of DT-era enterprises, and it can only generate value if it flows. However, most enterprises are very cautious about data sharing out of consideration for data security and personal privacy. In real life, the following problems are often encountered:
1. medical institutions and hospitals need to share medical information, but do not want to reveal the privacy of patients;
2. in some voting scenarios, voting information needs to be tallied, but the voters' individual voting records should not be disclosed.
To address this phenomenon of data silos, secure multi-party computation (Secure Multi-Party Computation) provides a solution and makes a great contribution to realizing the controllable sharing of data.
However, machine learning requires a large amount of accurate data, and existing solutions mainly rely either on schemes without provable security, such as multi-party secure computation that relies on a trusted third party or even on the first party, or on multi-party secure computing schemes that are not optimized. The privacy provided by the former cannot be effectively verified: one can only assume that the third party participating in the calculation, or even the first party that directly owns the data, is not malicious. The latter can guarantee privacy, but can only use the CPU for calculation, so it consumes excessive computing resources and takes too long. Especially for scenarios such as machine learning that require a large amount of computation, unoptimized multi-party secure computing schemes cannot meet real application requirements.
Disclosure of Invention
In view of this, the present invention provides a method, a system and an electronic device for multi-party secure computation based on a GPU, so as to achieve the purpose of ensuring privacy of patients/users and improving efficiency of multi-party secure computation of machine learning.
According to a first aspect of the embodiments of the present invention, there is provided a multi-party secure computing method based on GPUs, including:
acquiring, in a CPU (central processing unit), an input matrix input by a current user and transmitting the input matrix to a GPU (graphics processing unit), wherein the input matrix is acquired through an addition privacy sharing algorithm;
decomposing the input matrix into n privacy sharing matrices through parallel computation in the GPU, the sum of the privacy sharing matrices being equal to the input matrix;
calculating, in the GPU, an information verification code matrix corresponding to the privacy sharing matrices according to a key selected by the current user and in combination with the SPDZ algorithm, and sending the information verification code matrix to the CPU;
calculating, in the CPU, a zero-knowledge proof according to the key selected by the current user and in combination with the SPDZ algorithm;
obtaining, in the CPU, the 1 privacy sharing matrix selected by the current user, disclosing the other n-1 privacy sharing matrices, the information verification code matrix and the zero-knowledge proof to the other users, and verifying whether they are correct;
if correct, starting the calculation and obtaining a final privacy sharing matrix calculation result and an information verification code matrix calculation result;
if not, terminating the calculation.
Preferably, starting the calculation if correct and obtaining the final privacy sharing matrix calculation result and information verification code matrix calculation result includes:
inputting the 1 privacy sharing matrix selected by the current user and the privacy sharing matrices received from other users into the input layer of a neural network, and passing them to the hidden layer for calculation until the output layer outputs a result.
Preferably, the passing to the hidden layer for calculation includes:
bit addition, which is performed in parallel on the GPU by the addition unit of the CUDA platform.
Preferably, the passing to the hidden layer for calculation includes:
bit multiplication, namely generating, through a configure unit of the CUDA platform, Beaver Triples vectors of the privacy sharing matrix and connecting them into a matrix with the same number of rows and columns as the privacy sharing matrix.
Preferably, the passing to the hidden layer for calculation includes:
matrix multiplication, in which the operation is dynamically compiled by a compiler into a combination of bit multiplication and bit addition.
Preferably, the passing to the hidden layer for calculation includes:
other bit calculations, in which the operation is dynamically compiled by the compiler, using Taylor expansion, into a combination of bit multiplication and bit addition.
Preferably, after starting the calculation if correct and obtaining the final privacy sharing matrix calculation result and information verification code matrix calculation result, the method includes:
verifying whether the information verification code matrices received from other users are correct;
if correct, a designated user performing bit addition on the privacy sharing matrix calculation results through an addition privacy recovery algorithm to obtain a final result matrix.
Preferably, after obtaining the final result matrix, the method includes:
if training, updating the neural network through a back propagation algorithm and sending it to all users for repeated training until all users jointly decide to terminate;
if predicting, outputting the result matrix.
According to a second aspect of embodiments of the present invention, there is provided a GPU-based multi-party secure computing system, comprising:
an acquisition module, used for acquiring, in a CPU (central processing unit), an input matrix input by a current user and transmitting the input matrix to a GPU (graphics processing unit), wherein the input matrix is acquired through an addition privacy sharing algorithm;
a decomposition module, used for decomposing the input matrix into n privacy sharing matrices through parallel computation in the GPU, the sum of the privacy sharing matrices being equal to the input matrix;
a selection module, used for calculating, in the GPU, an information verification code matrix corresponding to the privacy sharing matrices according to a key selected by the current user and in combination with the SPDZ algorithm, and sending the information verification code matrix to the CPU;
a computing module, used for calculating, in the CPU, a zero-knowledge proof according to the key selected by the current user and in combination with the SPDZ algorithm;
a verification module, used for obtaining, in the CPU, the 1 privacy sharing matrix selected by the current user, disclosing the other n-1 privacy sharing matrices, the information verification code matrix and the zero-knowledge proof to the other users, and verifying whether they are correct;
if correct, starting the calculation and obtaining a final privacy sharing matrix calculation result and an information verification code matrix calculation result;
if not, terminating the calculation.
According to a third aspect of embodiments of the present invention, there is provided an electronic apparatus, including:
the system comprises a GPU, a CPU and a memory, wherein the CPU and the memory are respectively connected with the GPU, and program instructions and generated Beaver Triples vectors are stored in the memory;
the CPU and GPU are configured to execute program instructions stored in the memory to perform the method of any of claims 1-6.
The technical scheme provided by the embodiment of the invention can have the following beneficial effects:
An input matrix input by the current user is acquired in the CPU and transmitted to the GPU, the input matrix being acquired through an addition privacy sharing algorithm. The input matrix is decomposed into n privacy sharing matrices through parallel calculation in the GPU, the sum of the privacy sharing matrices being equal to the input matrix. An information verification code matrix corresponding to the privacy sharing matrices is calculated in the GPU according to a key selected by the current user in combination with the SPDZ algorithm, and is sent to the CPU. A zero-knowledge proof is calculated in the CPU according to the key selected by the current user in combination with the SPDZ algorithm. The 1 privacy sharing matrix selected by the current user is obtained in the CPU, the other n-1 privacy sharing matrices, the information verification code matrix and the zero-knowledge proof are disclosed to the other users, and whether they are correct is verified. If they are correct, the calculation starts and a final privacy sharing matrix calculation result and information verification code matrix calculation result are obtained; if they are incorrect, the calculation is terminated. In this technical scheme, the algorithm on the CPU is ported to the GPU for parallel calculation, and a series of prior-art algorithms are extended to matrix operations, so that the private information of the patient/user is protected while the efficiency of the multi-party secure computation used for machine learning is improved.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the invention, as claimed.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the invention and together with the description, serve to explain the principles of the invention.
FIG. 1 is a flow diagram illustrating a GPU-based multi-party secure computing method in accordance with an exemplary embodiment;
FIG. 2 is a flow diagram illustrating a GPU-based multi-party secure computing system in accordance with an exemplary embodiment.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. The following description refers to the accompanying drawings in which the same numbers in different drawings represent the same or similar elements unless otherwise indicated. The implementations described in the following exemplary examples do not represent all implementations consistent with the present invention. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the invention, as detailed in the appended claims.
In the prior art, the secure multi-party computation (MPC for short, also SMC or SMPC) problem was first proposed in 1982 by the Chinese computer scientist and Turing Award winner Professor Andrew Yao (Yao Qizhi), as the well-known Millionaires' Problem: when two competitive millionaires, Alice and Bob, meet on the street, how can they determine who is richer without revealing their respective wealth?
Yao's Millionaires' Problem was further developed by O. Goldreich, Micali, Wigderson and others, and has become a very active research field in modern cryptography, namely secure multi-party computation. It is described mathematically as: "n participants P1, P2, …, Pn need to jointly compute a function in a secure way, where security refers to the correctness of the output result and the confidentiality of the input and output information. Specifically, each participant Pi has its own secret input Xi, and the n participants jointly compute a function f(X1, X2, …, Xn) = (Y1, Y2, …, Yn); at the end of the computation, each participant Pi knows only Yi and learns no information about the other parties."
Example one
FIG. 1 is a flowchart illustrating a GPU-based multi-party secure computing method, as shown in FIG. 1, according to an example embodiment, comprising:
step S11, acquiring, in a CPU (central processing unit), an input matrix input by a current user and transmitting the input matrix to a GPU (graphics processing unit), wherein the input matrix is acquired through an addition privacy sharing algorithm;
step S12, decomposing the input matrix into n privacy sharing matrices through parallel computation in the GPU, the sum of the privacy sharing matrices being equal to the input matrix;
step S13, calculating, in the GPU, an information verification code matrix corresponding to the privacy sharing matrices according to a key selected by the current user and in combination with the SPDZ algorithm, and sending the information verification code matrix to the CPU;
step S14, calculating, in the CPU, a zero-knowledge proof according to the key selected by the current user and in combination with the SPDZ algorithm;
step S15, obtaining, in the CPU, the 1 privacy sharing matrix selected by the current user, disclosing the other n-1 privacy sharing matrices, the information verification code matrix and the zero-knowledge proof to the other users, and verifying whether they are correct;
if correct, starting the calculation and obtaining a final privacy sharing matrix calculation result and an information verification code matrix calculation result;
if not, terminating the calculation.
It should be noted that, in specific practice, the application scenarios of the technical solution provided by this embodiment include but are not limited to: medical institutions, medical enterprises, hospitals, financial institutions, government agencies, and the like.
The technical solution provided by this embodiment requires the GPU and the CPU to be used in cooperation. In a specific practice, the steps S11, S14, S15 are executed in the CPU, and the steps S12, S13 are executed in the GPU.
In a specific practice, to take advantage of the GPU multi-party secure computing algorithm, it is assumed that n users participate in the calculation, that each user's input is a matrix of the same size, and that the users want to jointly train or predict with a preset neural network.
In a specific practice, before the calculation starts, every user enters their own information into an input matrix and decomposes it according to the addition privacy sharing algorithm (additive secret sharing) to generate n privacy sharing matrices, where n is the number of participating users. The input of the addition privacy sharing algorithm is an input matrix carrying the current user's information, and the output is n privacy sharing matrices; the newly generated n privacy sharing matrices satisfy the condition that their sum is the originally input matrix.
In a specific practice, all users randomly select an information verification code key k, which is then used to generate information verification codes (message authentication codes, MACs). Each user calculates an information verification code for each bit (element) of the privacy sharing matrix according to the SPDZ algorithm, and the generated codes are arranged in the original element order to obtain an information verification code matrix. The input of the SPDZ information verification code algorithm is a privacy sharing matrix and an information verification code key, and the output is the information verification code matrix. The information verification code matrix generated by the SPDZ algorithm is homomorphic.
In a specific practice, each user generates a zero-knowledge proof while generating the privacy sharing matrices (a zero-knowledge proof means that the prover can convince the verifier that some conclusion is correct without providing the verifier with any useful information). The zero-knowledge proof is generated using the Gro16 (Groth16) zk-SNARK algorithm. Each user retains any one of the n newly generated privacy sharing matrices, and discloses the other n-1 privacy sharing matrices, the corresponding information verification code matrix and the zero-knowledge proof to the n-1 other users. All users verify whether the information verification code matrices and zero-knowledge proofs received from other users are correct. If all are correct, the actual calculation starts; otherwise, the calculation is terminated.
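The sharing, verification-code and checking steps described above can be made concrete with the following added example, which is not code from the patent. It goes slightly beyond the page by using the standard SPDZ arrangement, in which each user's randomly chosen key is one share of a global key that is never assembled; the modulus `P`, the dealer function `authenticate` (a stand-in for the offline phase) and all names are assumptions, and the zero-knowledge proof is not modelled.

```python
import secrets

P = 2**61 - 1  # prime field modulus (assumption: the page does not fix one)

def rand_matrix(rows, cols):
    return [[secrets.randbelow(P) for _ in range(cols)] for _ in range(rows)]

def mat_add(a, b):
    return [[(x + y) % P for x, y in zip(ra, rb)] for ra, rb in zip(a, b)]

def mat_sub(a, b):
    return [[(x - y) % P for x, y in zip(ra, rb)] for ra, rb in zip(a, b)]

def mat_scale(k, a):
    return [[(k * x) % P for x in row] for row in a]

def mat_sum(mats):
    total = mats[0]
    for m in mats[1:]:
        total = mat_add(total, m)
    return total

def share_matrix(m, n):
    """Addition privacy sharing: n >= 2 matrices whose sum mod P equals m."""
    shares = [rand_matrix(len(m), len(m[0])) for _ in range(n - 1)]
    return shares + [mat_sub(m, mat_sum(shares))]

def authenticate(m, key_shares):
    """Stand-in for the offline phase: share m and share its code k*m,
    where k = sum(key_shares). A real deployment never forms k in one place."""
    n = len(key_shares)
    k = sum(key_shares) % P
    return share_matrix(m, n), share_matrix(mat_scale(k, m), n)

def mac_check(value_shares, mac_shares, key_shares):
    """Open the value, then check sum_i (M_i - k_i * opened) == 0.
    User i computes its own term from data it already holds."""
    opened = mat_sum(value_shares)
    sigmas = [mat_sub(m_i, mat_scale(k_i, opened))
              for m_i, k_i in zip(mac_shares, key_shares)]
    ok = all(v == 0 for row in mat_sum(sigmas) for v in row)
    return opened, ok

def demo():
    n = 3
    key_shares = [secrets.randbelow(P - 1) + 1 for _ in range(n)]
    x = [[120, 80], [37, 5]]   # constructed sample inputs
    y = [[1, 2], [3, 4]]
    xs, xm = authenticate(x, key_shares)
    ys, ym = authenticate(y, key_shares)
    # Homomorphism: adding value shares and code shares locally yields a
    # valid authenticated sharing of x + y without any communication.
    zs = [mat_add(a, b) for a, b in zip(xs, ys)]
    zm = [mat_add(a, b) for a, b in zip(xm, ym)]
    honest = mac_check(zs, zm, key_shares)
    # One user shifts a single element of its result share by 1.
    bad = [[row[:] for row in s] for s in zs]
    bad[1][0][0] = (bad[1][0][0] + 1) % P
    cheated = mac_check(bad, zm, key_shares)
    return honest, cheated

if __name__ == "__main__":
    print(demo())
```

A modified share changes the opened value by some nonzero amount, so the summed check terms equal the global key times that amount and are nonzero unless the key itself is zero.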
It can be understood that, in the technical scheme provided in this embodiment, an input matrix input by the current user is acquired in the CPU and transmitted to the GPU, the input matrix being acquired through an addition privacy sharing algorithm. The input matrix is decomposed into n privacy sharing matrices through parallel computation in the GPU, the sum of the privacy sharing matrices being equal to the input matrix. An information verification code matrix corresponding to the privacy sharing matrices is calculated in the GPU according to a key selected by the current user in combination with the SPDZ algorithm, and is sent to the CPU. A zero-knowledge proof is calculated in the CPU according to the key selected by the current user in combination with the SPDZ algorithm. The 1 privacy sharing matrix selected by the current user is obtained in the CPU, the other n-1 privacy sharing matrices, the information verification code matrix and the zero-knowledge proof are disclosed to the other users, and whether they are correct is verified. If they are correct, the calculation starts and a final privacy sharing matrix calculation result and information verification code matrix calculation result are obtained; if they are incorrect, the calculation is terminated. In this technical scheme, the algorithm on the CPU is ported to the GPU for parallel calculation, and a series of prior-art algorithms are extended to matrix operations, so that the private information of the patient/user is protected while the efficiency of the multi-party secure computation used for machine learning is improved.
In a specific practice, starting the calculation if correct and obtaining the final privacy sharing matrix calculation result and information verification code matrix calculation result includes the following step:
inputting the 1 privacy sharing matrix selected by the current user and the privacy sharing matrices received from other users into the input layer of the neural network, and passing them to the hidden layer for calculation until the output layer outputs a result.
Before the calculation in the above step, each user generates a sufficient number of triples according to the Overdrive random triple generation algorithm. The input of the Overdrive random triple generation algorithm is a random number generated locally by the user, and the output is three Beaver Triples vectors a, b and c, which satisfy the condition that c equals the bit multiplication of a and b. This calculation is performed in parallel on the GPU through the bit addition, multiplication and RSA units of CUDA.
After the calculation starts, all users first input the privacy sharing matrix they retained and the privacy sharing matrices received from other users into the input layer of the neural network. The system then passes the retained privacy sharing matrix and the privacy sharing matrices received from other users to the hidden layer for calculation in sequence until the input layer completes calculation, and the output layer outputs a result.
In a specific practice, the passing to the hidden layer for calculation includes:
bit addition, which is performed in parallel on the GPU by the addition unit of the CUDA platform.
It should be noted that, if the calculation of the layer is bit addition, it is performed directly in parallel on the GPU by the addition unit of the CUDA platform.
In a specific practice, the passing to the hidden layer for calculation includes:
bit multiplication, namely generating, through a configure unit of the CUDA platform, Beaver Triples vectors of the privacy sharing matrix and connecting them into a matrix with the same number of rows and columns as the privacy sharing matrix.
It should be noted that, if the calculation of the layer is bit multiplication, the Beaver Triples vectors generated in the previous process are connected, through the configure unit of the CUDA platform, into matrices A, B and C of the required size, according to the size of the privacy sharing matrices to be calculated. For example, denote the input matrices that need bit multiplication at this layer as X and Y. The system discloses to all users the value D = X - A and the value E = Y - B. All received D values are accumulated as the local D, all received E values are accumulated as the local E, and D*B + E*A + C + D*E is calculated, where * is bit multiplication and + is bit addition. The calculation is performed in parallel on the GPU through the bit addition and multiplication units of the CUDA platform, and the result is passed to the next layer of the neural network.
In a specific practice, the passing to the hidden layer for calculation includes:
matrix multiplication, in which the operation is dynamically compiled by a compiler into a combination of bit multiplication and bit addition.
It should be noted that, if the calculation of the layer is matrix multiplication, the operation is dynamically compiled by the compiler into a combination of bit multiplication and bit addition, and then calculated according to algorithm 1 and algorithm 2.
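The bit multiplication with Beaver triples and the expansion of a matrix product into bit multiplications and bit additions, both described above, are shown together in this added example, which is not the patent's code and uses plain Python rather than CUDA. The modulus `P`, the trusted `beaver_triples` dealer standing in for the Overdrive offline phase, the row-major flat-vector layout and all function names are assumptions.

```python
import secrets

P = 2**61 - 1  # prime field modulus (assumption: the page does not fix one)

def share(vec, n):
    """Additively share a flat vector among n >= 2 users (mod P)."""
    parts = [[secrets.randbelow(P) for _ in vec] for _ in range(n - 1)]
    parts.append([(v - sum(col)) % P for v, col in zip(vec, zip(*parts))])
    return parts

def open_shares(parts):
    """Sum every user's share element by element."""
    return [sum(col) % P for col in zip(*parts)]

def beaver_triples(length, n):
    """Offline-phase stand-in: shares of random a, b and c = a*b.
    A triple must be used for one multiplication only, then discarded."""
    a = [secrets.randbelow(P) for _ in range(length)]
    b = [secrets.randbelow(P) for _ in range(length)]
    c = [(x * y) % P for x, y in zip(a, b)]
    return share(a, n), share(b, n), share(c, n)

def beaver_mul(xs, ys, triple):
    """Bit (element-wise) product of shared vectors X and Y."""
    a_s, b_s, c_s = triple
    n = len(xs)
    # Every user publishes its share of D = X - A and E = Y - B; the
    # published values are summed. A and B are uniformly random, so the
    # opened D and E reveal nothing about X and Y.
    d = open_shares([[(x - a) % P for x, a in zip(xs[i], a_s[i])]
                     for i in range(n)])
    e = open_shares([[(y - b) % P for y, b in zip(ys[i], b_s[i])]
                     for i in range(n)])
    zs = []
    for i in range(n):
        z = [(dj * b + ej * a + c) % P
             for dj, ej, a, b, c in zip(d, e, a_s[i], b_s[i], c_s[i])]
        if i == 0:  # the public term D*E is added once, not once per user
            z = [(zj + dj * ej) % P for zj, dj, ej in zip(z, d, e)]
        zs.append(z)
    return zs

def matmul_shared(xs, ys, r, k, c):
    """X (r x k) times Y (k x c), each shared as a row-major flat vector.
    Expanded into one batch of r*c*k bit multiplications followed by
    bit additions, which is the shape a GPU kernel would process."""
    idx = [(i, j, t) for i in range(r) for j in range(c) for t in range(k)]
    left = [[x[i * k + t] for i, j, t in idx] for x in xs]
    right = [[y[t * c + j] for i, j, t in idx] for y in ys]
    prod = beaver_mul(left, right, beaver_triples(len(idx), len(xs)))
    # Each run of k consecutive products folds into one output element.
    return [[sum(p[m:m + k]) % P for m in range(0, len(p), k)] for p in prod]

def demo():
    n = 3
    x = [1, 2, 3, 4, 5, 6]      # constructed 2x3 matrix [[1,2,3],[4,5,6]]
    y = [7, 8, 9, 10, 11, 12]   # constructed 3x2 matrix [[7,8],[9,10],[11,12]]
    zs = matmul_shared(share(x, n), share(y, n), 2, 3, 2)
    return open_shares(zs)      # row-major 2x2 product

if __name__ == "__main__":
    print(demo())
```

Summed over all users, D*B + E*A + C + D*E equals (D + A)*(E + B) = X*Y, which is why the public D*E term must be contributed exactly once.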
In a specific practice, for other bit calculations, the operation is dynamically compiled by the compiler, using Taylor expansion, into a combination of bit multiplication and bit addition.
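An added illustration, not from the patent, of what compiling a non-linear function into bit multiplication and bit addition by Taylor expansion involves, including the cost in triples and the accuracy limit. The logistic sigmoid, the degree-5 truncation and all names are assumptions; values are evaluated in the clear as floats, whereas in the protocol each `mul` step would run on shares and consume Beaver triples.

```python
import math

# Taylor coefficients of the logistic sigmoid about 0, lowest degree first.
# Sigmoid is an assumed example; the page does not name the functions it expands.
SIGMOID_TAYLOR = [1 / 2, 1 / 4, 0.0, -1 / 48, 0.0, 1 / 480]

def compile_horner(coeffs):
    """Turn a polynomial into a schedule of element-wise 'mul' and 'add' steps."""
    schedule = [("const", coeffs[-1])]
    for c in reversed(coeffs[:-1]):
        schedule.append(("mul", None))  # acc = acc * x: one triple per element
        schedule.append(("add", c))     # acc = acc + c: local, no triple
    return schedule

def run_schedule(schedule, matrix):
    """Evaluate the schedule on every element of a matrix, in the clear."""
    out = []
    for row in matrix:
        new_row = []
        for x in row:
            acc = 0.0
            for op, c in schedule:
                if op == "const":
                    acc = c
                elif op == "mul":
                    acc *= x
                else:
                    acc += c
            new_row.append(acc)
        out.append(new_row)
    return out

def triples_needed(schedule, matrix):
    """Beaver triples consumed: one per 'mul' step per matrix element."""
    muls = sum(1 for op, _ in schedule if op == "mul")
    return muls * len(matrix) * len(matrix[0])

def max_error(matrix):
    """Largest absolute gap between the approximation and the true sigmoid."""
    approx = run_schedule(compile_horner(SIGMOID_TAYLOR), matrix)
    return max(abs(a - 1 / (1 + math.exp(-x)))
               for ra, rx in zip(approx, matrix) for a, x in zip(ra, rx))

if __name__ == "__main__":
    near = [[-1.0, 0.5], [0.0, 1.0]]   # constructed inputs close to 0
    far = [[4.0]]                      # constructed input far from 0
    print(triples_needed(compile_horner(SIGMOID_TAYLOR), near))
    print(max_error(near), max_error(far))
```

The truncated series is accurate only near the expansion point, so inputs to such a layer need to be bounded or rescaled before the approximation is applied.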
It should be noted that, while performing the above calculation, the system transmits the information verification code matrix corresponding to each privacy sharing matrix as input to the input layer of the neural network, and performs the calculation according to the above algorithm until the result is output by the output layer.
In a specific practice, after starting the calculation if correct and obtaining the final privacy sharing matrix calculation result and information verification code matrix calculation result, the following steps are included:
verifying whether the information verification code matrices received from other users are correct;
if correct, a designated user performing bit addition on the privacy sharing matrix calculation results through an addition privacy recovery algorithm to obtain a final result matrix.
It should be noted that, after the above calculation is completed, the final privacy sharing matrix calculation result and the information verification code matrix calculation result of the current user are sent to the other users. Each user verifies the information verification code matrices received from other users. If all are correct, a designated user performs bit addition on the privacy sharing matrix calculation results through the addition privacy recovery algorithm to obtain the final result matrix. Otherwise, the calculation is terminated.
If the purpose of the calculation is prediction, the final result matrix is output. If the purpose of the calculation is training, the system updates the neural network through a back propagation algorithm, sends the updated neural network to all users, and repeats the training calculation until all users are satisfied and jointly decide to terminate. The above calculation is performed in parallel on the GPU through the bit addition and multiplication units of CUDA.
It should be noted that all users input the neural network to be calculated and the privacy sharing matrices to be calculated. The offline calculation part generates the Beaver Triples vectors, which are produced through semi-homomorphic encryption according to the design of the Overdrive algorithm. The offline calculation part can be run in advance by the users participating in the calculation, generating a large number of Beaver Triples vectors for use by the subsequent online calculation part. In the online calculation part, the system performs privacy sharing on the input information of all users and generates the information verification code matrices; the calculation of the privacy sharing matrices and the information verification code matrices is implemented in matrix form on the GPU (graphics processing unit). The system then generates the zero-knowledge proofs corresponding to all the calculations. After the calculation starts, multiplication and addition are implemented with an improved Overdrive algorithm, computed in matrix form on the GPU. The main improvements of the improved Overdrive algorithm are: 1. the algorithm computed on the CPU is ported to the GPU; 2. the existing static precompilation is changed to dynamic compilation; 3. a series of algorithms originally suitable only for floating-point numbers are extended to matrix operations. Non-linear calculations other than multiplication and addition are converted by the dynamic compilation part, through Taylor expansion, into approximate algorithms composed of multiplication and addition, and are then calculated in the manner described above.
In the final stage of the online calculation, the users jointly verify the information verification code matrices and the zero-knowledge proofs in the manner of the improved Overdrive algorithm. If the verification fails, the program is terminated immediately; if the verification passes, all users disclose their own calculation results, and the user designated in advance uses the privacy recovery algorithm to calculate the final result matrix.
It can be understood that, in the technical scheme provided in this embodiment, an input matrix input by the current user is acquired in the CPU and transmitted to the GPU, the input matrix being acquired through an addition privacy sharing algorithm. The input matrix is decomposed into n privacy sharing matrices through parallel computation in the GPU, and the privacy sharing matrices sum to the input matrix. An information verification code matrix corresponding to the privacy sharing matrix is calculated in the GPU according to a key selected by the current user in combination with the SPDZ algorithm and is sent to the CPU, and a zero knowledge proof is calculated in the CPU according to the key selected by the current user in combination with the SPDZ algorithm. In the CPU, 1 privacy sharing matrix selected by the current user is acquired, n-1 privacy sharing matrices, the information verification code matrix, and the zero knowledge proof are disclosed to the other users, and whether they are correct is verified. If they are correct, the calculation is started and the final privacy sharing matrix calculation result and information verification code matrix calculation result are obtained; if they are incorrect, the calculation is terminated. This technical scheme ports the algorithm on the CPU to the GPU for parallel calculation and extends a series of prior-art algorithms to matrix operations, thereby protecting the security of the private information of the patient/user while improving the efficiency of the multi-party secure computation used for machine learning.
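The following Python example is added here and is not code from the patent. It runs the steps described above on small matrices on the CPU: additive privacy sharing, an SPDZ-style information verification code (MAC) on every share, element-wise multiplication with a Beaver triple, and the final MAC check that catches a party altering its result share. The modulus `P`, the per-party key shares, the trusted-dealer triple (standing in for the offline phase), and all function names are assumptions.

```python
import operator
import secrets
from functools import partial, reduce

P = 2**61 - 1  # prime field modulus (assumption: the page does not name one)


def ew(op, a, b):
    """Apply op element-wise mod P to two equal-shaped matrices."""
    return [[op(x, y) % P for x, y in zip(ra, rb)] for ra, rb in zip(a, b)]


# Element-wise addition, subtraction and (Hadamard) multiplication mod P.
add, sub, mul = (partial(ew, op) for op in (operator.add, operator.sub, operator.mul))


def scale(k, a):
    return [[k * x % P for x in row] for row in a]


def rand_matrix(rows, cols):
    return [[secrets.randbelow(P) for _ in range(cols)] for _ in range(rows)]


def share(m, n):
    """Split m into n additive shares whose element-wise sum is m mod P."""
    shares = [rand_matrix(len(m), len(m[0])) for _ in range(n - 1)]
    return shares + [reduce(sub, shares, m)]


def reconstruct(shares):
    return reduce(add, shares)


def auth_share(m, keys):
    """Per-party (value share, MAC share); MAC shares sum to sum(keys) * m."""
    alpha = sum(keys) % P
    return list(zip(share(m, len(keys)), share(scale(alpha, m), len(keys))))


def mac_check(opened, auth, keys):
    """Each party computes mac_i - key_i * opened; the pieces must sum to 0.
    (SPDZ has parties commit to these pieces before revealing them.)"""
    sigmas = [sub(mac, scale(k, opened)) for (_, mac), k in zip(auth, keys)]
    return all(x == 0 for row in reconstruct(sigmas) for x in row)


def beaver_mul(x, y, triple, keys):
    """Multiply shared x and y element-wise using a shared triple (a, b, a*b)."""
    a, b, c = triple
    d = reconstruct([sub(xi[0], ai[0]) for xi, ai in zip(x, a)])  # public x - a
    e = reconstruct([sub(yi[0], bi[0]) for yi, bi in zip(y, b)])  # public y - b
    de = mul(d, e)
    out = []
    for i, k in enumerate(keys):
        # Same linear formula on value shares (j=0) and on MAC shares (j=1).
        val, mac = (add(c[i][j], add(mul(d, b[i][j]), mul(e, a[i][j]))) for j in (0, 1))
        val = add(val, de) if i == 0 else val  # public constant added once
        out.append((val, add(mac, scale(k, de))))
    return out


def demo(n=3):
    keys = [secrets.randbelow(P) for _ in range(n)]  # one MAC key share per party
    x, y = [[3, 1], [4, 1]], [[2, 7], [1, 8]]  # constructed sample inputs
    a, b = rand_matrix(2, 2), rand_matrix(2, 2)
    # Trusted-dealer stand-in for the offline phase that produces the triple.
    triple = tuple(auth_share(m, keys) for m in (a, b, mul(a, b)))
    z = beaver_mul(auth_share(x, keys), auth_share(y, keys), triple, keys)
    honest = reconstruct([value for value, _ in z])
    # Party 1 adds 1 to one element of its result share before opening.
    bad = [z[0], (add(z[1][0], [[1, 0], [0, 0]]), z[1][1])] + z[2:]
    bad_opened = reconstruct([value for value, _ in bad])
    return honest, mac_check(honest, z, keys), mac_check(bad_opened, bad, keys)
```

`demo()` returns the opened product, the MAC check result for the honest opening, and the MAC check result after one party alters its share; the altered opening passes only if the combined key is zero, which happens with probability 1/P.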
Example two
A GPU-based multi-party secure computing system 200 is shown according to an exemplary embodiment, comprising:
an obtaining module 201, configured to obtain an input matrix input by a current user in a CPU, and transmit the input matrix to a GPU, where the input matrix is obtained through an addition privacy sharing algorithm;
a decomposition module 202, configured to perform parallel computation in the GPU to decompose the input matrix into n privacy sharing matrices, and add the privacy sharing matrices to equal the input matrix;
the selecting module 203 is used for calculating an information verification code matrix corresponding to the privacy sharing matrix in the GPU according to a key selected by a current user and in combination with an SPDZ algorithm, and sending the information verification code matrix to the CPU;
a calculation module 204, configured to calculate, in the CPU, to obtain a zero knowledge proof according to a key selected by a current user and by combining with an SPDZ algorithm;
the verification module 205 is configured to obtain 1 privacy sharing matrix selected by a current user in the CPU, disclose n-1 privacy sharing matrices, an information verification code matrix, and a zero knowledge proof to other users, and verify whether the privacy sharing matrices, the information verification code matrix, and the zero knowledge proof are correct;
if they are correct, starting the calculation, and obtaining a final privacy sharing matrix calculation result and an information verification code matrix calculation result;
if not, the calculation is terminated.
It should be noted that, in specific practice, the application scenarios of the technical solution provided by this embodiment include but are not limited to: medical institutions, medical enterprises, hospitals, financial institutions, government agencies, and the like.
The technical solution provided by this embodiment requires the GPU and the CPU to be used in cooperation. In a specific practice, the steps S11, S14, S15 are executed in the CPU, and the steps S12, S13 are executed in the GPU.
The technical solution provided in this embodiment has already been described in the above method embodiments, and is not described herein again.
It can be understood that, in the technical scheme provided in this embodiment, the obtaining module 201 obtains an input matrix input by the current user in the CPU and transmits it to the GPU, the input matrix being obtained through an addition privacy sharing algorithm. The decomposition module 202 decomposes the input matrix into n privacy sharing matrices through parallel calculation in the GPU, and the privacy sharing matrices sum to the input matrix. The selecting module 203 calculates an information verification code matrix corresponding to the privacy sharing matrix in the GPU according to a key selected by the current user in combination with the SPDZ algorithm and sends it to the CPU. The calculation module 204 calculates a zero knowledge proof in the CPU according to the key selected by the current user in combination with the SPDZ algorithm. The verification module 205 obtains 1 privacy sharing matrix selected by the current user in the CPU, discloses n-1 privacy sharing matrices, the information verification code matrix, and the zero knowledge proof to the other users, and verifies whether they are correct. If they are correct, the calculation is started and the final privacy sharing matrix calculation result and information verification code matrix calculation result are obtained; if they are incorrect, the calculation is terminated. This technical scheme ports the algorithm on the CPU to the GPU for parallel calculation and extends a series of prior-art algorithms to matrix operations for multi-party secure computation.
Example three
An electronic device is shown according to an example embodiment, comprising:
the system comprises a GPU, a CPU and a memory, wherein the CPU and the memory are respectively connected with the GPU, and program instructions are stored in the memory;
the CPU and the GPU are used for executing program instructions stored in the memory and executing the method.
It should be noted that, in specific practice, the application scenarios of the technical solution provided by this embodiment include but are not limited to: medical institutions, medical enterprises, hospitals, financial institutions, government agencies, and the like.
The technical scheme provided by the embodiment needs the cooperation of the GPU and the CPU. In a specific practice, the steps S11, S14, S15 are executed in the CPU, and the steps S12, S13 are executed in the GPU.
The technical solutions provided in this embodiment have been described in the above method embodiments, and are not described herein again.
It can be understood that, in the technical scheme provided in this embodiment, an input matrix input by the current user is obtained in the CPU and transmitted to the GPU, the input matrix being obtained through an addition privacy sharing algorithm. The input matrix is decomposed into n privacy sharing matrices through parallel computation in the GPU, and the privacy sharing matrices sum to the input matrix. An information verification code matrix corresponding to the privacy sharing matrix is calculated in the GPU according to a key selected by the current user in combination with the SPDZ algorithm and is sent to the CPU, and a zero knowledge proof is calculated in the CPU according to the key selected by the current user in combination with the SPDZ algorithm. In the CPU, 1 privacy sharing matrix selected by the current user is obtained, n-1 privacy sharing matrices, the information verification code matrix, and the zero knowledge proof are disclosed to the other users, and whether they are correct is verified. If they are correct, the calculation is started and the final privacy sharing matrix calculation result and information verification code matrix calculation result are obtained; if they are incorrect, the calculation is terminated. This technical scheme ports the algorithm on the CPU to the GPU for parallel calculation and extends a series of prior-art algorithms to matrix operations, thereby protecting the security of the private information of the patient/user while improving the efficiency of the multi-party secure computation used for machine learning.
It is understood that the same or similar parts in the above embodiments may be mutually referred to, and the same or similar parts in other embodiments may be referred to for the content which is not described in detail in some embodiments.
It should be noted that the terms "first," "second," and the like in the description of the present invention are used for descriptive purposes only and are not to be construed as indicating or implying relative importance. Further, in the description of the present invention, the meaning of "a plurality" means at least two unless otherwise specified.
Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing specific logical functions or steps of the process, and alternate implementations are included within the scope of the preferred embodiment of the present invention in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the present invention.
It should be understood that portions of the present invention may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, the various steps or methods may be implemented in software or firmware stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application specific integrated circuit having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), or the like.
It will be understood by those skilled in the art that all or part of the steps carried out in the method of implementing the above embodiments may be implemented by hardware related to instructions of a program, which may be stored in a computer readable storage medium, and the program, when executed, includes one or a combination of the steps of the method embodiments.
In addition, functional units in the embodiments of the present invention may be integrated into one processing module, or each unit may exist alone physically, or two or more units are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. The integrated module, if implemented in the form of a software functional module and sold or used as a separate product, may also be stored in a computer-readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic or optical disk, etc.
In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Although embodiments of the present invention have been shown and described above, it is understood that the above embodiments are exemplary and should not be construed as limiting the present invention, and that variations, modifications, substitutions and alterations can be made to the above embodiments by those of ordinary skill in the art within the scope of the present invention.

Claims (10)

1. A multi-party secure computing method based on a GPU is characterized by comprising the following steps:
acquiring an input matrix input by a current user from a CPU (Central processing Unit) and transmitting the input matrix to a GPU (graphics processing Unit), wherein the input matrix is acquired through an addition privacy sharing algorithm;
decomposing the input matrix into n privacy sharing matrices through parallel computation in a GPU, and adding the privacy sharing matrices to be equal to the input matrix;
calculating an information verification code matrix corresponding to the privacy sharing matrix in the GPU according to a key selected by a current user and in combination with an SPDZ algorithm, and sending the information verification code matrix to the CPU;
calculating in a CPU according to a key selected by a current user and in combination with an SPDZ algorithm to obtain a zero knowledge proof;
obtaining 1 privacy sharing matrix selected by a current user in a CPU, disclosing n-1 privacy sharing matrices, an information verification code matrix and a zero knowledge proof to other users, and verifying whether the privacy sharing matrices, the information verification code matrix and the zero knowledge proof are correct or not;
if they are correct, starting the calculation, and obtaining a final privacy sharing matrix calculation result and an information verification code matrix calculation result;
if not, the calculation is terminated.
2. The multiparty security computing method according to claim 1, wherein if the result is correct, starting the computation and obtaining a final privacy sharing matrix computation result and an information verification code matrix computation result, comprising:
inputting the 1 privacy sharing matrix selected by the current user and the received privacy sharing matrices of other users into an input layer of the neural network, passing them to a hidden layer for calculation, and then to an output layer to output a result.
3. The multi-party secure computing method of claim 2, wherein said passing to a hidden layer for computing comprises:
bit addition, which is computed in parallel on the GPU through an addition unit of the CUDA platform.
4. The multi-party secure computing method of claim 2, wherein said passing to a hidden layer for computing comprises:
bit multiplication, namely generating Beaver Triples vectors of the privacy sharing matrix through a configure unit of the CUDA platform, and joining the Beaver Triples vectors into a matrix with the same number of rows and columns as the privacy sharing matrix.
5. The multi-party secure computing method of claim 2, wherein the passing to the hidden layer for computing comprises:
matrix multiplication, which dynamically compiles the operation into a combination of bit multiplication and bit addition by a compiler.
6. The multi-party secure computing method of claim 2, wherein said passing to a hidden layer for computing comprises:
other bit calculations, the operations are dynamically compiled by the compiler using Taylor expansion into a combination of bit multiplication and bit addition.
7. The multiparty security computing method according to claim 3, wherein after the step of, if correct, starting the calculation and obtaining the final privacy sharing matrix calculation result and the information verification code matrix calculation result, the method comprises:
verifying whether the received information verification code matrix of other users is correct or not;
if it is correct, designating a current user to perform bit addition on the privacy sharing matrix calculation results through an addition privacy recovery algorithm to obtain a final result matrix.
8. The multi-party secure computing method of claim 7, wherein after obtaining the final result matrix, the method comprises:
if training, updating the neural network through a back propagation algorithm, and sending the neural network to all users for repeated training until all users jointly determine to terminate;
if predicting, outputting the result matrix.
9. A GPU-based multi-party secure computing system, comprising:
an acquisition module, configured to acquire an input matrix input by a current user, wherein the input matrix is acquired through an addition privacy sharing algorithm;
a decomposition module configured to decompose the input matrix into n privacy sharing matrices, and the sum of the privacy sharing matrices is equal to the input matrix;
the selecting module is used for calculating an information verification code matrix corresponding to the privacy sharing matrix according to a key selected by a current user and by combining an SPDZ algorithm, and obtaining a zero knowledge proof;
the verification module is used for acquiring 1 privacy sharing matrix selected by the current user, disclosing the n-1 privacy sharing matrices, the information verification code matrix and the zero knowledge proof to other users and verifying whether the privacy sharing matrices, the information verification code matrix and the zero knowledge proof are correct or not;
if they are correct, starting the calculation, and obtaining a final privacy sharing matrix calculation result and an information verification code matrix calculation result;
if not, the calculation is terminated.
10. An electronic device, comprising:
the system comprises a GPU, a CPU and a memory, wherein the CPU and the memory are respectively connected with the GPU, and program instructions and generated Beaver Triples vectors are stored in the memory;
the CPU and GPU are configured to execute program instructions stored in the memory to perform the method of any of claims 1-8.
CN202210835702.6A 2022-07-15 2022-07-15 Multi-party safety calculation method and system based on GPU and electronic equipment Pending CN115333746A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210835702.6A CN115333746A (en) 2022-07-15 2022-07-15 Multi-party safety calculation method and system based on GPU and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210835702.6A CN115333746A (en) 2022-07-15 2022-07-15 Multi-party safety calculation method and system based on GPU and electronic equipment

Publications (1)

Publication Number Publication Date
CN115333746A true CN115333746A (en) 2022-11-11

Family

ID=83918350

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210835702.6A Pending CN115333746A (en) 2022-07-15 2022-07-15 Multi-party safety calculation method and system based on GPU and electronic equipment

Country Status (1)

Country Link
CN (1) CN115333746A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116431968A (en) * 2023-04-04 2023-07-14 北京航空航天大学 Three-party secure multiplication method and system for privacy calculation

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination