Method and system for improving homomorphic encryption performance based on trusted execution environment
Patent Information
- Authority / Receiving Office
- NL · NL
- Patent Type
- Patents
- Current Assignee / Owner
- NANHU LAB
- Filing Date
- 2024-12-18
- Publication Date
- 2026-06-12
AI Technical Summary
Existing homomorphic encryption technologies struggle with inefficient and inaccurate execution of nonlinear operations, leading to errors in tasks such as classification due to improper parameter settings and error propagation during Taylor expansion approximations.
A method and system that utilizes a trusted execution environment (TEE) to accurately divide computing tasks into linear and nonlinear operations, employing memory encryption and homomorphic encryption services to execute these operations separately, with linear operations performed homomorphically and nonlinear operations in plaintext within the TEE, ensuring accurate task completion.
This approach enhances the performance and accuracy of homomorphic encryption by avoiding high threshold parameter selection and error propagation, improving efficiency and reliability while maintaining data security.
Abstract
Description
TECHNICALFIELD
[0001] The present disclosure belongs to the technical eld of homomorphic encryption algorithms and condential computing, and in particular to a method and system for improving homomorphic encryption performance based on a trusted execution environment. BACKGROUND
[0002] Privacy computing or condential operation based on CPU level refers to trusted execution environment based on chip-level trusted base, which is not controlled by system layer and kernel layer (that is, even with the highest administrative privilege of a computer system or kernel-level control right, the data and operation in this secure environment still cannot be viewed, tampered with and controlled ), thus ensuring the security of data privacy protection and the credibility of operation in the trusted execution environment. At present, the corresponding technologies include x86, Intel Software Guard Extensions (SGX), AMD Secure Encrypted Virtualization (SEV), HYGON China Secure Virtualization (CSV), ARM V9 Condential Compute Architecture (CCA), etc. The condential computing technology has been widely used in general-purpose chips and integrated into general-purpose computers and servers in the market, such as Intel Xeon servers andHYGON third-generation servers.
[0003] Homomorphic encryption is a special encryption technology, which allows to perform computing in an encrypted state and perform operation on the encrypted data without decrypting the data rst. This means that after the encrypted data is operated, the result of decryption is about to be matched with the result of the same operation on the private data. Homomorphic encryption not only protects privacy and security, but also allows the computing in a case of encrypting the data, which is of a great signicance in the elds of cloud computing and secure multi-party computing. Homomorphic encryption is of a great signicance for processing sensitive information and privacy data safely due to its support to the computing in the encrypted state.
[0004] Different fully homomorphic encryption schemes represented by bounded gap variance (BGV), Gentry-Sahai-Waters (GSW) and CheonKimKimSong (CKKS), and semi-homomorphism and partially homomorphism schemes such as ElGamal multiplicative homomorphism and Paillier additive homomorphism, etc., support only linear operations such as addition, multiplication, and rotation. However, nonlinear operation is a common computing task, which can only be approximated by Taylor expansion approximation and the like. Improper parameter setting or the transmission of the errors of nonlinear computing results may lead to errors in the nal task, such as classication errors in classication tasks. SUMMARY
[0005] An objective of the present disclosure is to reduce the implementation difculty of homomorphic encryption and improve the efciency, usability, and accuracy. Based on the accurate division of linear and nonlinear operations, a method for improving homomorphic encryption performance based on a trusted execution environment is achieved by deploying two encryption services, i.e., memory encryption computing and homomorphic encryption computing, according to a division result.
[0006] A method for improving homomorphic encryption performance based on a trusted execution environment includes the following steps:
[0007] acquiring a computing task,
[0008] decomposing the computing task into a group of subtasks according to a computing function list in the computing task,
[0009] decomposing the subtasks in turn according to a list of provided basic homomorphic encryption operators to obtain a suboperation set;
[0010] labeling a suboperation as a "linear operation" or a "nonlinear operation" according to whether the suboperation can be directly implemented using an element in the list ofprovided basic homomorphic encryption operators or not,
[0011] processing each suboperation in turn:
[0012] for a suboperation labeled as the linear operation, determining a homomorphic computing scheme according to a suboperation task, acquiring encrypted computing data which is encrypted according to the homomorphic computing scheme, and using the encrypted computing data for homomorphic encryption computing,
[0013] for a suboperation labeled as the nonlinear operation, completing plaintext computing in a trusted execution environment, and
[0014] returning an encrypted computing result to a user side, where the computing result returned to the user side may be a nal computing result, or a nal computing result and partial or all intermediate computing results, and the computing result to be returned can be returned to the user side after all computing tasks are completed (including all suboperations of all subtasks), and the intermediate computing results to be returned may also be returned to the user side immediately after obtaining the computing result.
[0015] According to the scheme above, the trusted execution environment is used to improve the performance of the homomorphic encryption technology. By providing a corresponding decomposition means, the computing task is divided first according to subtasks, and then the subtasks are divided from the operation dimension according to list of provided basic homomorphic encryption operators (LoHEO), thus achieving the accurate division of the linear operation and the nonlinear operation. The division and labeling of the linear operation and the nonlinear operation of the computing task are achieved based on the above accurate division results to ensure that the operation that originally requires the homomorphic encryption (HE) service (here is the abbreviation of the homomorphic computing service module) to approximate the computing through Taylor expansion is completed in trusted execution environment (TEE), thus achieving the performance improvement of the homomorphic encryption technology while avoiding the high threshold parameter selection that depends on error propagation prediction and control in the approximate computing of the HE service.
[0016] In the method for improving homomorphic encryption performance based on a trusted execution environment, the method further includes the following steps:
[0017] forming, according to the subtasks, a computing diagram comprising data required by each subtask and a data transfer relationship between the subtasks, and
[0018] processing the subtasks in turn according to the computing diagram.
[0019] Processing various subtasks in turn according to the computing diagram includes a processing sequence of the subtasks, acquisition of data required when processing a corresponding subtask, and output of a result to the corresponding subtask after the processing is nished.
[0020] In the method for improving homomorphic encryption performance based on a trusted execution environment, the suboperation for the homomorphic encryption computing is executed, and computing data thereof is encrypted by the trusted execution environment or the user side according to the homomorphic computing scheme.
[0021] Ifthe user side participates in the generation ofa homomorphic key for homomorphic encryption, the user side is congured to generate the homomorphic key for the suboperation and encrypt the computing data. Otherwise, the trusted execution environment is congured to generate the homomorphic key for the suboperation and encrypt the homomorphic key. A user can encrypt all computing data involved in the computing task with the own user key, and provide the encrypted computing data to a server.
[0022] In the method for improving homomorphic encryption performance based on a trusted execution environment,
[0023] for the suboperation that needs to return a computing result to the user side and is labeled as the "linear operation" (usually, the computing result of the last suboperation needs to be returned to the user side),
[0024] in a case that the user side participates in the generation of a homomorphic key, the computing result of the homomorphic encryption computing is directly returned to the user side, and
[0025] in a case that the user side does not participate in the generation of the homomorphic key, the computing result ofthe homomorphic encryption computing is provided to the trusted execution environment, and the trusted execution environment is congured to decrypt the computing result, re-encrypt the computing result with the own user key of the user, and return the re-encrypted computing result to the user side.
[0026] In the method for improving homomorphic encryption performance based on a trusted execution environment, a computing result of the suboperation labeled as the "linear operation" is stored in a homomorphic computing encryption data module, or provided to the trusted execution module and then saved in a data cache module of the trusted execution environment.
[0027] The computing result that does not need to be returned to the user side can be stored in the homomorphic computing encryption data module. The computing result that needs to be returned to the user side, such as a nal computing result, is provided to the data cache module ofthe trusted execution environment.
[0028] A computing result of the suboperation labeled as the "nonlinear operation" is cached in the data cache module ofthe trusted execution environment.
[0029] If the data cache module is insufcient in space, old data is encrypted and then transferred from the data cache module to a data management unit external to the trusted execution environment by replacing the old data with new data, and the latest computing result is saved in the data cache module. The key for re-encryption and saving may be the user key, or a key generated by the executed execution environment itself. The computing result of the suboperation may be used in the subsequent suboperation computing. Therefore, the trusted execution environment is used here for caching or encrypting and saving the computing result, or the homomorphic computing encryption data module is congured to encrypt and save the computing result. If the computing result is cached or encrypted and saved using the trusted execution environment, the computing result is directly used subsequently according to a computing mode of the suboperation to be used (the data is located in the data cache module ofthe trusted execution environment for plaintext computing in TEE), or decrypted for use (the data is located in the data management unit for plaintext computing in TEE), or the data is encoded and encrypted for use (the data is located in the data cache module for homomorphic encryption computing external to TEE), or decrypted and then re-encoded and encrypted for use (the data is located in the data management unit for the homomorphic encryption computing external to TEE). Ifthe computing result is encrypted and saved using the homomorphic computing encryption data module, the corresponding operation can be performed when the computing result needs to be used subsequently. For example, if the computing result is inconsistent with an encryption mode required by the homomorphic computing scheme of the corresponding suboperation or needs to be used by the nonlinear computing operation, the computing result can be provided to the trusted execution environment for corresponding operation. If the computing result is consistent with an encryption mode required by the homomorphic computing scheme of the corresponding suboperation, the computing result is directly provided to the homomorphic computing service module for homomorphic computing.
[0030] In the method for improving homomorphic encryption performance based on a trusted execution environment, in response to a current encryption state of the computing data required by the suboperation labeled as the "linear operation" being consistent with a homomorphic computing scheme thereof, encrypted computing data is directly used to execute the current suboperation.
[0031] Otherwise, the trusted execution environment or the user side is congured to re-encrypt the computing data with the current encryption state being inconsistent with the homomorphic computing scheme thereof according to the homomorphic computing scheme thereof, thus executing the current suboperation. Certainly, if the computing data is in a plaintext state in the TEE environment, decryption is not required, and the computing data is directly re-encrypted according to the homomorphic computing scheme. In the computing data used by one suboperation, if encryption states of some data are consistent while encryption states of some data are inconsistent, it is only necessary to re-encrypt the inconsistent part.
[0032] The computing data of each suboperation includes a computing result of an early suboperation and / or all or part ofprivate data.
[0033] In the method for improving homomorphic encryption performance based on a trusted execution environment, the method further includes the following steps: acquiring a user key and private data encrypted by the user key, where computing data of a first suboperation of the computing task is the private data.
[0034] The user key is archived locally through a trusted archiving technology.
[0035] The computing result returned to the user side is encrypted with the key provided by the user side. When the user side does not participate in the generation of the homomorphic encryption key, or the suboperation corresponding to the computing result is obtained by plaintext computing in the trusted execution environment, the user key of the user side is congured to encrypt a computing result needing to be returned to the user side. When the user side participates in the generation of the homomorphic encryption key, the computing result is encrypted by the homomorphic key generated at the user side.
[0036] In the method for improving homomorphic encryption performance based on a trusted execution environment, the method further includes the following steps: monitoring noise of the homomorphic encryption computing, and starting TEE denoising when a noise threshold is reached,
[0037] decrypting computing data and computing results of a current homomorphic computing scheme using the trusted execution environment, re-encoding and encrypting the decrypted computing data and computing results, and providing the re-encoded and encrypted computing data and computing results to homomorphic computing service for continuously performing homomorphic encryption computing.
[0038] By using the TEE environment that already exists and is provided for improving the homomorphic encryption performance, the homomorphic encryption computing is subjected to denoising, there is no need to do complex hardware and software processing for denoising alone, and there is no need for additional denoising means, which effectively improves the denoising effect and efciency.
[0039] A system for improving homomorphic encryption performance based on a trusted execution environment, including an encryption computing server for providing safety computing for a user side. The computing server includes a trusted execution environment, a homomorphic computing service module and a communication control module communicating with one another, thus executing the method for improving homomorphic encryption performance based on a trusted execution environment above.
[0040] The trusted execution environment is congured to perform plaintext computing, decrypt a homomorphic computing result, encrypt a computing result, and encrypt homomorphic encryption computing data.
[0041] The homomorphic computing service module is congured to determine a homomorphic computing scheme according to a suboperation task, and perform homomorphic encryption computing based on computing data.
[0042] The communication control module is congured to communicate with the user side, manage encrypted data external to the TEE, and decompose and allocate a computing task.
[0043] In the system for improving homomorphic encryption performance based on a trusted execution environment, the system further includes a user side for initiating a computing request to the encryption computing server, the user side is congured to encrypt the computing data and submit the encrypted computing data to the encryption computing server with a user key and the computing task.
[0044] The user side or the trusted execution environment is congured to encrypt computing data labeled as a "linear operation", thus providing a corresponding homomorphic computing scheme for homomorphic encryption computing.
[0045] The communication control module includes a homomorphic computing encryption data module, and a TEE encryption data module. The homomorphic computing encryption data module is congured to store encrypted data ofthe computing result ofthe homomorphic encryption computing and encryption computing data required by homomorphic computing. The TEE encryption data module is congured to store data encrypted by the trusted execution environment (such as a computing result).
[0046] The present disclosure has the advantages that:
[0047] 1. The trusted execution environment is used to improve the performance of the homomorphic encryption technology, which is conducive to high-performance implementation ofthe homomorphic encryption technology scheme.
[0048] 2. In this scheme, the decomposition of the computing task is provided, and the corresponding decomposition means is given, and the division and labeling means for the linear operation and the nonlinear operation are also provided. By achieving accurate division, two encryption computing services, i.e., the memory encryption computing and homomorphic encryption computing, are deployed according to a division result, it is ensured that the operation that requires the HE service to approximate the computing through Taylor expansion is completed in the TEE, thus achieving the performance improvement of the homomorphic encryption technology and the accurate computing ofthe computing task.
[0049] 3. Through task decomposition and accurate division of the linear and nonlinear operations, dynamic TEE encryption computing andHE computing are deployed for different operation tasks. The whole computing task is a mixed task of HE computing and TEE encryption computing. With its highly trusted execution environment, the TEE encryption computing performs plaintext computing in the process of participating in the computing, which naturally has the denoising function. Therefore, this scheme improves the efciency of the homomorphic encryption algorithm and the reliability of the computing result while ensuring the security ofthe private data and the computing result. BRIEFDESCRIPTIONOFTHEDRAWINGS
[0050] FIGs. 1A-1B are ow diagrams of a method for improving homomorphic encryption performance based on a trusted execution environment according to the present disclosure,
[0051] FIGs. 2A-2B are implementation block diagrams of a method for improving homomorphic encryption performance based on a trusted execution environment according to the present disclosure,
[0052] FIG. 3 is an example of a computing diagram generated through a method for improving homomorphic encryption performance based on a trusted execution environment according to the present disclosure. DETAILEDDESCRIPTIONOFTHEEMBODIMENTS
[0053] The present disclosure is further described in detail below with reference to accompanying drawings and specic embodiments.
[0054] This scheme provides a method and system for improving homomorphic encryption performance based on a trusted execution environment. The system involves two device roles: a user side which is usually used by a user, and an encryption computing server which provides encryption computing service for the computing task of the user. The user side is an interactive portal between the user and the system, which mainly completes the generation of a user key for private data encryption, private data encryption, computing result decryption, computing task generation, and interaction with the encryption computing server. The encryption computing server can provide two privacy protection technologies, i.e., homomorphic computing and trusted execution environment, and congure and call two computing services according to the computing task of the user, thus achieving efcient and reliable encryption computing and protecting the data security in use.
[0055] Embodimentl
[0056] In this method, a request side is congured to execute the following steps:
[0057] according to the data security requirements, a user key UK (user key) for data encryption is generated, and the private data (PD, i.e. user data) is encrypted.
[0058] It should be noted that the user key UK may also be congured to encrypt the communication with the encryption computing server. The user key UK may be a symmetric key, or an asymmetric key.
[0059] The user side can generate a computing taskCT and submit the computing task to the encryption computing server according to an application demand, thus starting TEE service andHE service ofthe encryption computing server.
[0060] TEE remote authentication: the user side is congured to remotely authenticate the trusted execution environment of the encryption computing server. If the authentication is trusted, the user keyUK is sent to the TEE of the encryption computing server, and TEE can archive the key using the sealing technology for subsequent data encryption and decryption.
[0061] The private data is submitted, and the user side is congured to encrypt data required by the computing task with the user keyUK and transmit the encrypted data to the encryption computing server.
[0062] As shown in FIGs. 1A-1B and FIGs. 2A-2B, the encryption computing server is congured to execute the following steps after receiving the computing task, and can achieve the performance improvement of the homomorphic encryption technology using the trusted execution environment through the following steps, thus providing homomorphic computing service with higher performance for the computing task.
[0063] The computing task CT submitted by the request side is received, and the computing task is decomposed into a group of subtasks {Ct_i, i=l, 2,...,k} according to a computing function list in the computing task CT.
[0064] For example, for a reasoning task CT of a single-layer classication convolutional network (an output result is "the probability of the inputs belonging to different categories"), the computing ofwhich can be decomposed into four subtasks: Ct_l< convolution operation, Ct_2 <MaxPool, Ct_3 < matrix operation, and Ct_4 <softmax function computing.
[0065] A computing diagram is formed according to the subtasks. The data required by each subtask ofCT and the data transfer between the subtasks are stored in the computing diagram. The subtasks are processed in turn according to the computing diagram, including a processing sequence of subtasks, acquisition of data required when processing the corresponding subtasks, and application of results to the computing of the corresponding subtasks after processing. The computing diagram ofthe above example is as shown in FIG. 3, where the private data PD={Pd_j, j=l,2,3}, that is, Pd_j is a user data subset.
[0066] The following steps are circularly executed until the computing task is completed, that is, all the subtasks are completed.
[0067] Decomposition and labeling of subtasks: the encryption computing server is lO congured to further decompose the current subtask according to a list of provided basic HE operators (LoHEO) of a homomorphic encryption library to obtain a suboperation set, and label each suboperation computed in the subtask as a "linear operation" or "nonlinear operation" according to whether the suboperation can be directly implemented by the element in LoHEO such as homomorphic additive and homomorphic multiplication, thus forming a suboperation computing list. The following A and B are continuously executed according to the suboperation computing list until the subtasks are completed.
[0068] In above example, the subtask Ct_l convolutional operation can be implemented only using homomorphic additive and homomorphic multiplication operators, and the suboperations of this subtask are all linear operation. In the subtask Ct_4 softmax function computing (as shown in formula (1)), index computing exp( ) is the nonlinear operation, and the suboperations of this subtask include the nonlinear operation and the linear operation. e xi S x- =_ ( ) Zzzlexj (1)
[0069] where x is an output ofprevious sub-operation, i and j are used to distinguish different vector elements, and S(Xi) is an output ofthe softmax subtask.
[0070] A. Preparation ofcomputing data: the computing data ofeach suboperation includes a computing result of early suboperation and / or all or part of private data. The encrypted computing data required by the suboperation of the homomorphic computing is stored in the homomorphic computing encryption data module, and the homomorphic computing encryption data module provides the computing data required by the homomorphic computing to the homomorphic computing service module. The computing data of each suboperation includes three conditions: the computing data include all or partial private data, the computing data includes a computing result, and the computing data includes a computing result and all or partial private data. The rst condition is mostly in the reasoning of the rst suboperation (in an articial neural network (ANN), the rst suboperation often includes all the private data). The subsequent suboperations, according to specic computing task, may include the computing result of the early suboperation, or include the computing result of the early suboperation and all or part ofthe private data. The computing result ofthe early suboperation may be the computing result ofany one or more early suboperations.
[0071] B. There are two conditions as below according to the labeling condition of the suboperation ll
[0072] (1)Linear operation, includes the following steps:
[0073] @ Generation ofHE scheme and parameters, in which the homomorphic computing service module (HE service for short) is congured to determine a homomorphic computing scheme and a data encoding method according to a linear computing task, and set homomorphic encryption computing parameters according to a parameter mapping table and security parameters.
[0074] The CKKS homomorphic encryption scheme is used as an example. According to a security parameter ?t, a polynomial dimension n and coefcient modulus size, i.e., a bit length log q ofthe coefcient modulus, can be determined by the following parameter mapping table, as shown in Table l.
[0075] Table 1 Parameter mapping table with CKKS homomorphic encryption scheme as example __ __ __
[0076] @ Wake of homomorphic encryption support module in TEE, in which the HE service sends the homomorphic encryption computing parameters, the encoding method and an encryption algorithm to the TEE, for the generation of homomorphic key for the homomorphic encryption, data encoding and data encryption. The homomorphic encryption support module is mainly congured to generate the homomorphic key for the homomorphic computing, encrypt the computing data required for the homomorphic computing based on the homomorphic key and the homomorphic encryption computing parameters, and then provide the encrypted computing data to the HE service for homomorphic encryption computing. If the encoding is included, the computing data is further encoded according to the current homomorphic computing scheme.
[0077] @ HE linear operation, in which the HE service can acquire the computing data for encryption based on the trusted execution environment and the current homomorphic computing scheme for linear operation.
[0078] For each suboperation, when the suboperation is labeled as the "linear operation", its computing result is provided to the trusted execution environment and saved in the data cache module of the trusted execution environment. If the computing result of the suboperation of the current homomorphic encryption computing needs to be provided to the user side (for example, the suboperation is the last suboperation of the processed computing task), the encrypted data of the computing result is provided to the trusted execution environment. The trusted execution environment is congured to decrypt the computing result and encrypt the decrypted computing result using the user key, and nally return the encrypted computing result to the user side.
[0079] When a current encryption state of the computing data required by the suboperation labeled as the "linear operation" is consistent with a homomorphic computing scheme thereof, the encrypted computing data is directly used to execute the current suboperation. Otherwise, the trusted execution environment is congured to decrypt the computing data with the current encryption state inconsistent with the homomorphic computing scheme thereof and re-encrypt the computing data according to the homomorphic computing scheme thereof, thus executing the current suboperation.
[0080] For example, when the current suboperation is the "linear operation", the involved computing data includes part ofprivate data. Due to an encryption mode ofthis part of private data is consistent with the encryption mode required by the homomorphic computing scheme determined by the current suboperation (this usually happens because this part of the private data is used by the suboperation labeled as the "linear operation" in the early period and stored in the homomorphic computing encryption data module, and the homomorphic computing scheme used by the early suboperation is consistent with the encryption mode of the homomorphic computing scheme used by the current suboperation, so the private data required by the current homomorphic computing scheme is in an encryption state required at present because of the computing of the early suboperation), this part of the private data can be used directly.
[0081] For another example, when the current suboperation is the "linear operation", the involved computing data includes part of private data. When an encryption mode of this part of private data is inconsistent with the encryption mode required by the homomorphic computing scheme determined by the current suboperation, the trusted execution environment is required to encode and encrypt this part of private data according to the current homomorphic computing scheme (This usually happens because this part ofprivate data is not used by the early suboperations, or although this part of private data has been used by a certain early suboperation using the homomorphic computing scheme, the encryption mode is inconsistent with the homomorphic computing scheme used by the current operation, so the computing data required by the current computing scheme stored in the homomorphic computing encryption data module cannot be directly used).
[0082] Preferably, the noise of the homomorphic encryption computing is monitored, and when the noise threshold is reached, TEE denoising is started.
[0083] By the trusted execution environment, the computing data and computing result ofthe current homomorphic computing scheme are decrypted, encoded (if required), re-encrypted and then provided for theHE service for continuous homomorphic encryption computing.
[0084] (2) Nonlinear operation includes the following steps: when the suboperation is labeled as the "nonlinear operation", plaintext nonlinear operation is performed in TEE, and the computing result of the suboperation is cached in the data cache module of the trusted execution environment.
[0085] If the next suboperation is still the nonlinear operation, the plaintext nonlinear computing is performed continuously in the TEE, or the continuous non-linear operations can be combined as one suboperation. If the next suboperation is the linear operation, the computing data of the next suboperation is encrypted and then provided to theHE service for homomorphic encryption computing.
[0086] If the data cache module is insufcient in space, old data is encrypted and then transferred from the data cache module to a data management unit external to the trusted execution environment by replacing the old data with new data, and the latest computing result is saved in the data cache module. The key for re-encryption and saving may be the user key, or a key generated by the executed execution environment itself, and the former is preferred in this embodiment. The computing result of the suboperation may be used in the subsequent suboperation computing. Therefore, the trusted execution environment is used here for caching or encrypting and saving the computing result. The computing result is directly used subsequently according to a computing mode ofthe suboperation to be used (the data is located in the data cache module of the trusted execution environment for plaintext computing in TEE), or the computing result is decrypted for use (the data is located in the data management unit for plaintext computing in TEE), or the data is encoded and encrypted for use (the data is located in the data cache module for homomorphic encryption computing external to TEE), or the data is decrypted and then re-encoded and encrypted for use (the data is located in the data management unit for the homomorphic encryption computing external to TEE). In the process of executing the step A, if the computing data of the suboperation involves the computing result of the early suboperation, the computing result can be prepared through the above various condition.
[0087] For the computing result that does not participate in the subsequent computing, such as the nal result, the computing result is encrypted and then transferred from the data cache module to a data management unit external to the trusted execution environment, and then the encrypted computing result can be returned to the user side.
[0088] After the computing is nished, the encryption computing server is congured to encrypt a required computing result, which at least includes the nal computing result, using the user key UK, and return the encrypted computing result to the user side. Certainly, the initial user key UK may not be used here, which should not be limited to this key or encryption mode here.
[0089] The user side may use the known user key UK to decrypt the computing result to obtain a plaintext computing result.
[0090] Embodiment 2
[0091] This embodiment is similar to Embodiment 1, and the difference is that in Embodiment 1, the user side does not participate in the generation of the homomorphic key, and the user side in this embodiment participates in the generation ofthe homomorphic key.
[0092] Specically, in this embodiment, the user side is congured to encrypt the computing data required by the suboperation labeled as the "linear operation" according to the homomorphic computing scheme. A computing result computed by the server through the homomorphic encryption computing is directly returned to the user side. As the homomorphic key is generated by the user side itself, an encrypted computing result can be decrypted using the homomorphic key generated by the user side itself. In this scheme, the user side needs to participate in the computing process. Therefore, the mode in Embodiment 1 has less communication expenditure, and can reduce the computing delay relatively.
[0093] Embodiment 3
[0094] This embodiment is similar to Embodiment 1, and the difference is that the computing result of the homomorphic computing encryption is stored in the homomorphic computing encryption data module in this embodiment, and when the computing result needs to be used subsequently, the trusted execution environment is congured to perform the corresponding operation. For example, when the subsequent nonlinear computing needs to use the computing result, the corresponding computing result is decrypted by the trusted execution environment, and the decrypted computing result is used in the trusted execution environment for plaintext nonlinear computing. When the subsequent linear computing needs to use the computing result, if the encryption mode is consistent, the computing result is directly provided to the homomorphic computing service module, if the encryption method is inconsistent, the computing result is provided to the trusted execution environment, and the trusted execution environment is congured to decrypt the computing result and re-encrypt the decrypted computing result according to the current homomorphic computing scheme, and then directly provide the re-encrypted computing result to the homomorphic computing service module, or the computing result is provided to the homomorphic computing service module through the homomorphic computing encryption data module.
[0095] In the above embodiments, the "consistent encryption mode" includes the consistency of the encryption mode itself, and the consistency of the encoding mode before data encryption for those that need to be encoded.
[0096] Specic embodiments described in this embodiment are only illustrative ofthe spirit ofthe present disclosure. According to the present disclosure, those skilled in the art can make various modications or supplements to the described specic embodiments or replace them in a similar way, without departing from the spirit ofthe present disclosure or exceeding the scope dened in the appended claims.
Claims
1. Method for improving homomorphic encryption performance based on a reliable execution environment containing the following steps: obtaining an IT job; decompose the computer science task into a group of sub-tasks according to a computer science function list in the computer science task; decompose the sub-tasks in order according to a list of provided base homomorphic encryption operators to obtain a sub-operation system; mark a sub-operation as a linear operation or a non-linear operation as a consequence of whether the sub-operation is capable of being implemented directly using an element in the list of provided basic homomorphic encryptions operators or not; processing each sub-operation in order; for a suboperation labeled as the linear operation, determine a homomorph computer schema according to a sub-operation task; obtain encrypted computer data data encrypted according to the homomorphic computer schema, and use creating the encrypted computer data for homomorphic encryption computer science; for a sub-operation marked as non-linear operation; complete full text computer science in a reliable execution environment; and returning an encryption computer result to a user side.
2. The method of claim 1, further comprising the steps of: shapes; according to the sub-tasks; of an IT diagram containing data necessary for each sub-task and a data transfer relationship between the sub-tasks; and processing the sub-tasks in sequence according to the computer diagram.
3. A method according to claim 1 or 2, wherein the sub-operation for the homomorphic encryption of computer science has been performed; and processing of data thereof has been encrypted by the trusted execution environment or the user side according to homomorphic computing schedule.
4. Method according to claim 3, wherein for the sub-operation an IT result to be delivered to the user side and noted is the linear operation; in a case where the user side participates in generating a homomorphic key; a computer science result of the homomorphic encryption computer science directly to the user side is returned; and in a case where the user side does not participate in generating a homomorphic key; the computer science result of the homomorphic encryption computer science is delivered to the reliable execution environment; and the reliable execution environment configured is to decrypt the computer science result; to re-encrypt the computer science result from a user key of the user; and the re-encrypted computer result is returned to the user side.
5. Method according to claim 4, wherein an IT result of the sub-operation marked as the linear operation is stored in a homomorphic computer encryption data module; or is provided for the trusted execution environment and then saved in a data cache module of the reliable execution environment; a computer science result of the sub-operation labeled as the non-linear operation is cached in the data cache module of the trusted execution environment; in case the data cache module has insufficient space; old data be encrypted and then transferred from the cache data module to a data management unit that is outside the trusted execution environment replaced by the old data with new data; and the latest IT result is saved in the cache data module.
6. Method according to claim 5; wherein information technology data is required for the sub-operations labeled as the linear operations; in response to their current encryption status be consistent with homomorphic computer science schema of the computer science data; encrypted computer data was used directly to perform the current sub-operation to feed; to feed otherwise; the trusted execution environment or the user side is configured to re-encrypt the IT data with the current encryption status not consistent is with the homomorphic computer schema thereof according to the homomorphic computer schema thereof; in order to carry out the current sub-operation; and the IT data of each sub-operation is an IT result of a previous operation sub-operation and / or all or part of private data.
7. The method of claim 6, wherein the method further comprises the steps of includes: obtaining a user key and private data encrypted by the user key; where the computer data of a first sub-operation of the computer science task the private data are; the user key is archived locally using a reliable archive technology; and the IT result is returned to the user side encrypted with the key provided by the user side.
8. The method of claim 7, wherein the method further comprises the steps of: monitoring noise from homomorphic encryption computing and initiating a TEE (Trusted Execution Environment) noise removal when a noise threshold is reached; decrypting computer data and computer results from a current homomorphic computer schema used in the reliable execution environment; again encoding and encrypting the decrypted computer data and computer science results and the re-encrypted and encrypted informatics data and informatics deliver results to a homomorphic computing service for continuous execution of homomorphic encryption computer science.
9. System for improving homomorphic encryption performance based on a reliable execution environment containing an encryption IT server for the provided with secure IT for a user side, where the IT server is a reliable execution environment contains; a homomorphic computing service module and a communication control module in connection with each other; the method for improving of homomorphic encryption capability based on a reliable execution environment performs according to any of claims 1 to 8; the reliable execution environment is configured to execute a full-text IT perform; decrypt a homomorphic computer science result; encrypt a computer science result and homomorphic encryption encrypts computer data; the homomorphic computing service module is configured to perform a homomorphic computing schema according to a sub-operation task to determine and homomorphic encryption computer scientists based on to perform IT data processing; and the communication control module is configured to communicate with the user side communicate; manage encryption data outside the TEE and perform an IT task unravel and assign.
10. The system of claim 9, wherein the system further comprises a user side for the starting an IT request to the encryption IT server contains; the user side is configured to encrypt the computer data and the encrypted computer data to the encryption computer server with a provide user key and the IT task; the user side or the trusted execution environment is configured to computer data tagged as a linear operation to encrypt; thereby a corresponding homomorphic computer science scheme for homomorphic encryption computer science to provided; and the communication control module a homomorphic computer encryption data module contains; and a TEE encryption data module; the homomorphic computing data module configured to encrypt data from the computer science result of the homomorphic encryption computer science and encryption computer science data necessary for homomorphic to store information technology; and the TEE encryption data module is configured to encrypt data encrypted by storing the trusted execution environment. Acquiring a computing task, and decomposing the computing task into a series of subtasks Further decomposing a current subtask according to a list of provided basic homomorphic encryption operators of a homomorphic encryption library to obtain a suboperation set Directly labeling various suboperations as a linear operation and a non-linear operation according to whether elements in the list of provided basic homomorphic encryption operators can be used or not Next subtask Whether No all subtasks are completed or not? Yes A FIG. 1A A Processing various suboperations in turn Labeling the suboperation Labeling the suboperation as a linear as a nonlinear operation operation Determining a homomorphic computing scheme according to the suboperation task Completing plaintext computing in a trusted execution environment Acquiring computing data encrypted according to the homomorphic computing scheme Performing homomorphic encryption computing using encrypted data Whether all No suboperations of the subtask are completed or not? Next subtask Yes Whether No all subtasks are completed or not? Yes Performing homomorphic encryption computing using encrypted data FIG. 1B The rest Parameter / instruction transmission Key transmission Encrypted data of final Data computing result Request side decryption Submitting computing task Computing task Comnmunicating Submitting with server original Data User key encrypted encryption data Returning Remotely encrypted authenticating computing result and sending key D E B C FIG. 2A Remotely authenticating Returning encrypted Submitting original Submitting and sending key computing result encrypted data computing task Communication control module Nonlinear computing task Decomposing and allocating computing task Data management Data preparation List of Original TEE Homomorphic computing encrypted homomorphic encrypted data encrypted data data encryption operators Computing data Homomorphic computing Nonlinear Homomorphic encryption service module computing support module Designing data encoding method Key calling and data Generation and management Setting encryption management of parameter homomorphic key Data cache Returning Plaintext Linear computing Data Data Data Data data homomorphic result decryption encryption encryption encryption TEE computing denoising Data TEE denoising Computing result decryption User key Noise archiving evaluation Trusted execution environment Encryption computing server FIG. 2B Providing computing data CipherText data Computing result Determining homomorphic computing scheme Honoriorphic computing task