Computer Science ›› 2025, Vol. 52 ›› Issue (4): 301-309. doi: 10.11896/jsjkx.240600046

• High Performance Computing •

Lightweight Heterogeneous Secure Function Computing Acceleration Framework

ZHAO Chuan1, HE Zhangzhao1,2, WANG Hao1,2, KONG Fanxing1,2, ZHAO Shengnan1, JING Shan2,3

  1. 1 Quan Cheng Laboratory, Jinan 250103, China
    2 School of Information Science and Engineering, University of Jinan, Jinan 250022, China
    3 Shandong Provincial Key Laboratory of Network Based Intelligent Computing, University of Jinan, Jinan 250022, China
  • Received: 2024-06-05 Revised: 2024-08-31 Online: 2025-04-15 Published: 2025-04-14
  • Corresponding author: ZHAO Shengnan (zsn.sdu@gmail.com)
  • About author: (ise_zhaoc@ujn.edu.cn)
    ZHAO Chuan, born in 1989, Ph.D., professor, is a member of CCF (No. 73448M). His main research interests include secure multi-party computing, privacy computing and artificial intelligence security.
    ZHAO Shengnan, born in 1994, Ph.D. His main research interests include secure multi-party computing and blockchain technology.
  • Supported by:
    National Natural Science Foundation of China (62472252, 62172258), Taishan Scholars Program (tsqn202211280), Shandong Provincial Natural Science Foundation (ZR2024QF131, ZR2023LZH014, ZR2022ZD01, ZR2022MF264, ZR2021LZH007), Key R&D Program of Shandong Province (2021SFGC0401, 2021CXGC010103), Department of Science & Technology of Shandong Province (SYS202201) and Quan Cheng Laboratory (QCLZD202302).

Abstract: Currently, data has become a crucial strategic resource, and data mining and analysis technologies play an important role in various industries. However, data mining and analysis carry a risk of data leakage. Secure function evaluation (SFE) can compute arbitrary functions while keeping the data secure. Yao's protocol is a protocol for secure function evaluation; it involves a large number of encryption and decryption operations in the garbled circuit (GC) generation and evaluation phases and has high computational overhead in the oblivious transfer (OT) phase, which makes it difficult to meet the demands of complex real-world applications. To address the efficiency issues of Yao's protocol, this work accelerates the protocol with heterogeneous computing based on a field programmable gate array (FPGA) and combines it with the proposed lightweight proxy oblivious transfer protocol, yielding a lightweight heterogeneous secure computation acceleration framework. In this solution, both the garbled circuit generator and the proxy calculator implement a CPU-FPGA heterogeneous computing architecture. This architecture uses the CPU's strength in handling control flow and the FPGA's parallel processing capability to accelerate the garbled circuit generation and evaluation phases, increasing the efficiency of generating and evaluating garbled circuits and reducing computational pressure. In addition, unlike oblivious transfer protocols implemented with asymmetric cryptographic algorithms, the lightweight proxy oblivious transfer protocol requires only symmetric operations from the garbled circuit generator and the proxy calculator, after which the proxy calculator obtains the random number held by the generator that corresponds to the user's input. This lightweight proxy oblivious transfer protocol alleviates the computational pressure on the user and the server during the oblivious transfer phase. Experimental results show that, in a local area network environment, our solution improves computational efficiency by at least 128 times compared with a software implementation of Yao's protocol (the TinyGarble framework).

Key words: Secure function evaluation, Field programmable gate array, Garbled circuits, Oblivious transfer, Heterogeneous computing

CLC Number: 

  • TP309