CN118133326B - Data encryption transmission system based on chip
- Publication number
- CN118133326B (CN202410554504.1A)
- Authority
- CN
- China
- Prior art keywords
- data
- chip
- area
- ciphertext
- storing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
Abstract
The application relates to the technical field of information security, and in particular to a chip-based data encryption transmission system comprising a CPU module and a GPU module. The CPU module comprises a main memory; the GPU module comprises a core computing unit, a security management unit and a video memory. The main memory stores ciphertext data and an inference service program. The video memory comprises a privacy area and a shared area: the shared area stores the ciphertext data and a ring buffer awaiting signature verification, and the privacy area stores the inference service program corresponding to the ring buffer awaiting signature verification. The core computing unit comprises a shared storage, which stores the decrypted data. The core computing unit is prohibited from communicating with the main memory, and the privacy area is used only for storing the inference service program, so that decrypted data cannot be read from the video memory.
Description
Technical Field
The invention relates to the technical field of information security, in particular to a data encryption transmission system based on a chip.
Background
In the application scenario of encrypted transmission of large model weight data, embodiments one and two of the present invention provide a chip for data encryption transmission and a data encryption transmission method, which effectively prevent a client from directly reading the transmitted data.
However, these methods all presuppose a reasonably secure data transmission path. With a video memory of poor security, such as GDDR or DDR, whose traffic is easily intercepted during data transmission, it is in practice difficult to guarantee the security of data transmission with these methods.
Therefore, how to ensure the security of large model weight data during transmission and in privately deployed use when the video memory offers little security has become a problem to be solved urgently.
Disclosure of Invention
To address this technical problem, the fifth embodiment of the invention provides a chip-based data encryption transmission system comprising a CPU module and a GPU module, wherein the CPU module comprises a main memory, and the GPU module comprises a core computing unit Xcore, a security management unit SMP and a GDDR video memory.
The main memory is used to store ciphertext data xdata and an inference service program kernel.
The GDDR video memory includes a privacy area and a shared area; the shared area communicates with the main memory to obtain the ciphertext data xdata.
The shared area stores the ciphertext data xdata and a ring buffer awaiting signature verification. The CPU module produces this ring buffer by processing the inference service program kernel and then sends it to the shared area.
The privacy area stores the inference service program kernel corresponding to the signature-verified ring buffer, which is the result of the security management unit SMP performing signature verification on the ring buffer awaiting signature verification.
The core computing unit Xcore includes a shared storage for storing the decrypted data ydata that the core computing unit Xcore obtains by decrypting the ciphertext data xdata.
Compared with the prior art, the chip-based data encryption transmission system provided by the invention has obvious beneficial effects, achieves considerable technical progress and practicality, has wide industrial value, and has at least the following beneficial effects:
When the GPU module uses a GDDR video memory of poor security, data in transit to and from the GDDR is easily stolen, so the GDDR video memory is treated as insecure by default. In this case the core computing unit Xcore is prohibited from communicating with the main memory, which prevents it from writing decrypted data directly into the insecure main memory. Unlike in the embodiments above, the privacy area is used only to store the inference service program kernel and not the decrypted data, so decrypted data cannot be read from the GDDR video memory.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required for the description of the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic structural diagram of a chip supporting data encryption transmission according to a first embodiment of the present invention;
Fig. 2 is a flow chart of a chip-based data encryption transmission method according to a second embodiment of the present invention;
Fig. 3 is a flow chart of a chip-based inference service verification method according to a third embodiment of the present invention;
Fig. 4 is a flow chart of a chip-based page table checking method according to a fourth embodiment of the present invention;
Fig. 5 is a schematic diagram of a chip-based data encryption transmission system according to a fifth embodiment of the present invention;
Fig. 6 is a flow chart of a data encryption method according to a sixth embodiment of the present invention;
Fig. 7 is a flow chart of a chip-based encrypted inference method according to a seventh embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to fall within the scope of the invention.
Referring to Fig. 1, a schematic structural diagram of a chip supporting data encryption transmission according to the first embodiment of the present invention is provided. The chip includes a register access bus RN, a data access bus DN, N controlled devices {slave_1, slave_2, …, slave_n, …, slave_N}, M master devices {master_1, master_2, …, master_m, …, master_M}, and a memory. The chip further includes the security management unit SMP, the programmable electronic fuse eFUSE and the trusted memory management unit TMR, where slave_n is the n-th controlled device, n is an integer in the range [1, N], master_m is the m-th master device, and m is an integer in the range [1, M];
The N controlled devices, the M master devices, the eFUSE and the SMP are all connected to the register access bus RN; the M master devices, the security management unit SMP and the memory are all connected to the data access bus DN; and the N controlled devices provide cache space for the M master devices.
The security management unit SMP comprises K encryption engines, SMP = {CE_1, CE_2, …, CE_k, …, CE_K}, where CE_k is the k-th encryption engine and k is an integer in the range [1, K]. The encryption engines are used for decrypting the encrypted data received by the chip to obtain a decryption result.
The programmable electronic fuse eFUSE is used for providing a specific private key for the security management unit SMP as key information for decrypting the encrypted data, and the encrypted data is obtained by encrypting the original data through a public key corresponding to the specific private key.
The trusted memory management unit TMR divides a privacy zone in the memory, which is only accessible by a specific master device, the privacy zone being used for storing the decryption result.
Optionally, the unit identifier corresponding to master_m is UnitID_m, and the accessible identifier set of the privacy area is AUnitID = {AUnitID_1, AUnitID_2, …, AUnitID_w, …, AUnitID_W}. When UnitID_m ∈ AUnitID, master_m is the specific master device and the privacy area allows master_m to access it, where W is a positive integer and w is an integer in the range [1, W].
Specifically, the unit identifier corresponding to a master device and the accessible identifier set of the privacy area may be set by the security management unit SMP. By setting the accessible identifier set, the SMP controls the access rights of different master devices to the privacy area, so that a master device with a lower degree of security cannot access data with higher security requirements in the privacy area.
Optionally, controlled device slave_n corresponds to a first security level threshold mlevel_n, master device master_m corresponds to a security level slevel_n, and when slevel_n ≥ mlevel_n, master_m is allowed to access slave_n.
Specifically, the first security level threshold and the security level corresponding to a master device may be set by the security management unit SMP, which thereby controls the access rights of different master devices to different controlled devices, so that intermediate data with higher security requirements in a controlled device cannot be accessed by a master device with a lower security level.
Optionally, the security level corresponding to the security management unit SMP is slevel_{N+1}, and the programmable electronic fuse eFUSE further includes a second security level threshold state, where state > max(slevel_n), n ∈ [1, N]. When slevel_{N+1} ≥ state, the security management unit SMP is allowed to access the programmable electronic fuse eFUSE.
Specifically, since state > max(slevel_n), the programmable electronic fuse eFUSE does not allow access by any master device, while slevel_{N+1} ≥ state means that the eFUSE allows access only by the security management unit SMP.
Optionally, when the security management unit SMP updates state to nstate, state = nstate is set in the programmable electronic fuse eFUSE if nstate > state.
Specifically, because state = nstate is set in the eFUSE only when nstate > state, an update can only raise the second security level threshold of the eFUSE and can never lower it. This prevents a malicious update instruction from lowering the second security level threshold so that a master device with a poor security level could access the programmable electronic fuse eFUSE.
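The access rules above (the AUnitID allow-list for the privacy area, the per-device threshold mlevel, and the raise-only eFUSE threshold state) can be modelled as a small reference monitor. This is an added example, not code from the patent; the unit IDs, security levels and function names are constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef struct { uint32_t unit_id, slevel; } requester_t; /* UnitID and security level */
typedef struct { uint32_t state; } efuse_t;               /* second security level threshold */

/* Constructed sample values: the patent gives no concrete IDs or levels. */
static const requester_t DMA   = { 1, 1 };
static const requester_t XCORE = { 2, 3 };
static const requester_t CPU   = { 3, 2 };
static const requester_t SMP   = { 0, 7 };  /* not a master device; unit_id unused */
static const requester_t *const MASTERS[] = { &DMA, &XCORE, &CPU };
static const uint32_t AUNIT_ID[] = { 2 };   /* only Xcore may access the privacy area */
#define COUNT(a) (sizeof(a) / sizeof((a)[0]))

/* Privacy area: a master device is allowed only if its UnitID is in AUnitID. */
bool privacy_allowed(const requester_t *master)
{
    for (size_t w = 0; w < COUNT(AUNIT_ID); w++)
        if (AUNIT_ID[w] == master->unit_id) return true;
    return false;
}

/* Controlled device: allowed when the master's level reaches the threshold mlevel. */
bool slave_allowed(uint32_t mlevel, const requester_t *master)
{
    return master->slevel >= mlevel;
}

/* eFUSE: allowed when the requester's level reaches state. */
bool efuse_allowed(const efuse_t *e, const requester_t *r)
{
    return r->slevel >= e->state;
}

/* Invariant from the text: state must exceed every master device's level. */
bool efuse_threshold_valid(const efuse_t *e)
{
    for (size_t m = 0; m < COUNT(MASTERS); m++)
        if (e->state <= MASTERS[m]->slevel) return false;
    return true;
}

/* Update rule: state may only be raised, and only by a requester the eFUSE admits.
 * The text sets no upper bound on nstate; a value above the SMP's own level
 * would lock the SMP out as well. */
bool efuse_raise_state(efuse_t *e, const requester_t *r, uint32_t nstate)
{
    if (!efuse_allowed(e, r)) return false;
    if (nstate <= e->state) return false;   /* downgrade or no-op refused */
    e->state = nstate;
    return true;
}

int main(void)
{
    efuse_t e = { 5 };
    printf("threshold valid: %d\n", efuse_threshold_valid(&e));
    printf("Xcore -> privacy area: %d\n", privacy_allowed(&XCORE));
    printf("CPU -> privacy area: %d\n", privacy_allowed(&CPU));
    printf("CPU -> eFUSE: %d\n", efuse_allowed(&e, &CPU));
    printf("SMP raises state to 6: %d\n", efuse_raise_state(&e, &SMP, 6));
    printf("SMP lowers state to 4: %d\n", efuse_raise_state(&e, &SMP, 4));
    return 0;
}
```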
Optionally, the M master devices include at least a DMA unit, a core computing unit Xcore, and a CPU unit.
The DMA unit may refer to a direct memory access unit, so as to provide high-speed data transmission between the peripheral and the memory or between the memory and the memory, the core computing unit Xcore may be used for tasks such as floating point computation, texture unit and vertex processing, and the CPU unit may provide instructions to be executed for the chip.
Optionally, the encryption engine CE k comprises an asymmetric encryption algorithm RSA.
In an embodiment, the encryption engine may further include a hash algorithm SHA256, a symmetric encryption algorithm AES, etc. to provide signature verification, symmetric encryption, etc.
Optionally, the chip performs firmware verification at runtime.
Specifically, the chip must ensure the integrity of the running program so that the firmware application cannot be tampered with. A trust relationship therefore has to be established between the firmware and the application, so that unsigned firmware or programs cannot run on the chip. To this end, the firmware application can be signed with a firmware signing private key programmed into the programmable electronic fuse eFUSE, so that firmware verification can be performed when the chip runs.
Optionally, the security management unit SMP uses the RISC-V instruction set.
RISC-V is a modular instruction set architecture that allows a variety of microprocessors to be designed; in this embodiment, the security management unit SMP is designed on the RISC-V instruction set.
In one embodiment, the memory may be divided into a plurality of physical address segments, each serving as a user storage area, with a dedicated privacy area and shared area divided out for each user storage area. This accommodates multiple users on a single chip, so that the vendor can offer a chip leasing service while ensuring that one user's data with higher security requirements cannot be obtained by other users, and so that the service provider vendor can offer trials of private deployment of large model weight data on a lighter scale.
Referring to fig. 2, a flow chart of a chip-based data encryption transmission method is provided for a second embodiment of the present invention, and the data encryption transmission method is applied to a client based on the chip for data encryption transmission provided in the first embodiment, and includes:
S21, receiving, via the license server (License Server) deployed on the service provider side, the symmetric ciphertext data bF encrypted with the symmetric encryption key bkey and sent by the service provider vendor, the key ciphertext ctext_j^0 obtained by encrypting the symmetric encryption key bkey with the asymmetric encryption public key ckey_j^0, and a chip D_j containing the specific asymmetric encryption private key ckey_j^1, where j is an integer in the range [1, J], J is the number of chips, ckey_j^0 is the j-th asymmetric encryption public key, ctext_j^0 is the j-th key ciphertext, ckey_j^1 is the j-th asymmetric encryption private key, ckey_j^0 and ckey_j^1 correspond to each other, and D_j is the j-th chip, which is the chip supporting data encryption transmission according to the first embodiment. The chip includes a security management unit SMP, a programmable electronic fuse eFUSE, a trusted memory management unit TMR and a memory; the trusted memory management unit TMR divides the memory into a privacy area and a shared area; the privacy area is accessible only by a specific master device and is used for storing the decryption result; the j-th asymmetric encryption private key ckey_j^1 is programmed into the programmable electronic fuse eFUSE of chip D_j; and the j-th key ciphertext ctext_j^0 is stored in the shared area;
S22, decrypting the symmetric ciphertext data bF by using the j-th chip D_j to obtain a decryption result;
The step S22 further includes the following steps:
S221, the security management unit SMP in the j-th chip D_j acquires the j-th asymmetric encryption private key ckey_j^1 from the programmable electronic fuse eFUSE;
S222, the security management unit SMP decrypts the j-th key ciphertext ctext_j^0 stored in the shared area by using the j-th asymmetric encryption private key ckey_j^1 to obtain the symmetric encryption key bkey;
S223, the security management unit SMP decrypts the symmetric ciphertext data bF by using the symmetric encryption key bkey to obtain the decryption result;
S224, storing the decryption result in the privacy area.
The j-th asymmetric encryption private key ckey_j^1 corresponds to the j-th chip D_j; that is, different chips have different asymmetric encryption private keys. Because public and private keys correspond one to one in an asymmetric encryption algorithm, ckey_j^1 can decrypt only the key ciphertext ctext_j^0 obtained by encrypting with the j-th asymmetric encryption public key ckey_j^0. Each chip can therefore be regarded as having its own unique public/private key pair: the private key is programmed into the chip's programmable electronic fuse eFUSE, the chip side provides the public key to the service provider vendor, and the vendor encrypts the symmetric encryption key bkey with the received public key and transmits the resulting key ciphertext ctext_j^0 to the client.
Specifically, because the j-th asymmetric encryption private key ckey_j^1 is programmed into the j-th chip D_j, it cannot be modified. After obtaining chip D_j, the client can only use the private key ckey_j^1 programmed on it and cannot read the key directly.
In one embodiment, the encrypted data aF_i^0, encrypted with the asymmetric encryption public key akey_i^0 and sent by the service provider vendor, and a chip C_i containing the specific asymmetric encryption private key akey_i^1 are received via the license server (License Server) deployed on the service provider side. C_i includes a security management unit SMP, a programmable electronic fuse eFUSE and a memory, and the memory includes a privacy area and a shared area. Here i is an integer in the range [1, I], I is the number of chips, akey_i^0 is the i-th asymmetric encryption public key, aF_i^0 is the i-th encrypted data, akey_i^1 is the i-th asymmetric encryption private key, akey_i^1 and akey_i^0 correspond to each other, and C_i is the i-th chip. The i-th chip C_i is used to decrypt the encrypted data aF_i^0 and obtain the decryption result: the security management unit SMP in C_i obtains akey_i^1 from the programmable electronic fuse eFUSE, decrypts the i-th encrypted data aF_i^0 stored in the shared area with akey_i^1 to obtain the decryption result, and stores the decryption result in the privacy area.
In one embodiment, if at least two chips are used in a Docker image deployment, the container-based cluster orchestration engine k8s pulls the corresponding key ciphertext ctext_j^0 from the license server (License Server) according to the j-th asymmetric encryption public key ckey_j^0.
This scheme prevents the client from directly obtaining the plaintext data and the key to the encrypted information corresponding to that plaintext, which matters especially when the plaintext data has high security requirements. In this embodiment the plaintext data may be large model weight data. Transmitting the large model weight data in encrypted form prevents the client from abusing it, and because the ciphertext data and the chip are supplied to the client together, the client can use the weight data only in that combined form. The service provider vendor therefore does not need a high selling price to guard against misuse, and the price of the large model weight data can be lowered toward marginal cost to suit market demand. At the same time, because the chip provides security and usage restrictions for the large model weight data, the vendor can sell the data by quantity, which lowers the cost of private deployment of large models: for example, an individual client can deploy privately after purchasing only a small quantity of large model weight data and chips. The vendor can also offer the large model weight data in small quantities, so that a client can first purchase a small quantity and then purchase more as its use of the large model expands.
Referring to Fig. 3, a flow chart of a chip-based inference service verification method according to the third embodiment of the present invention is provided. The method is applied to a client and, on the basis of the chip-based data encryption transmission method of the second embodiment, further includes the following steps:
S31, receiving a chip D_i provided by the chip supply side, an inference service program kernel provided by the service provider vendor, a program signature ciphertext asign produced from the inference service program kernel with a second private key dkey, and the public key ekey corresponding to the second private key dkey;
S32, the chip D_i verifies the signature of the program signature ciphertext asign with the public key corresponding to the second private key dkey, where D_i is the i-th chip, the chip comprises a programmable electronic fuse eFUSE, and a third private key fkey is programmed in the programmable electronic fuse eFUSE;
S33, after the verification passes, the chip D_i executes the inference service program kernel;
S34, D_i signs the firmware information of the chip D_i with the third private key fkey in the eFUSE to obtain a firmware information signature ciphertext bsign;
S35, the firmware information, the firmware information signature ciphertext bsign and the public key gkey corresponding to the third private key fkey are sent to the service provider vendor, so that the service provider vendor verifies the signature of the firmware information signature ciphertext bsign with the public key gkey corresponding to the third private key fkey.
Specifically, in this embodiment the service provider vendor provides the inference service program together with the large model weight data, so that the client can use the weight data for inference calculation. Once the inference service program has been provided, however, the client must still be prevented from tampering with the related data stored on the CPU host, which may include the driver, MQL PACKET and kernel object, in order to write the large model weight data in the privacy area to an unsafe location and thereby obtain its plaintext. In this embodiment the unsafe location may be the shared area.
After signature verification passes, the chip D_i executes the inference service program kernel. This may mean loading the signature-verified inference service program kernel into the privacy area of the memory and having the kernel mode driver (Kernel Mode Driver, KMD) start the inference service program kernel using its address in the privacy area.
Optionally, the chip further includes a security processing unit SMP, and step S32 further includes the following steps:
S321, the chip D_i performs a hash calculation on the inference service program kernel through the security processing unit SMP to obtain a first hash value;
S322, the security processing unit SMP decrypts the program signature ciphertext asign with the public key ekey corresponding to the second private key dkey to obtain a second hash value;
S323, the first hash value is compared with the second hash value, and if they are consistent, signature verification is considered to have passed.
Optionally, step S34 further includes the following steps:
S341, the chip D_i performs a hash calculation on the firmware information through the security processing unit SMP to obtain a third hash value;
S342, the security processing unit SMP reads the third private key fkey from the programmable electronic fuse eFUSE;
S343, the security processing unit SMP encrypts the third hash value with the third private key fkey to obtain the firmware information signature ciphertext bsign.
Optionally, the hash calculation uses the SHA256 algorithm.
In one embodiment, the hash calculation may also be implemented using a hash algorithm such as MD5, SHA384, SHA512, etc., without limitation.
Optionally, the firmware information includes at least a firmware state, a time stamp, and a firmware program.
The service provider vendor can use the firmware state and the firmware program to check whether the client has tampered with the firmware, and can use the timestamp to check whether the service usage time complies with the terms the service provider set at sale. The vendor can thus provide large model weight data and inference service programs for a limited time and monitor them effectively, which further improves the reliability of private deployment of large model weights.
Optionally, after receiving the firmware information, the firmware information signature ciphertext bsign, and the public key gkey corresponding to the third private key fkey, the service provider vendor performs the following steps:
performing a hash calculation on the firmware information to obtain a fourth hash value;
decrypting the firmware information signature ciphertext bsign with the public key gkey corresponding to the third private key fkey to obtain the third hash value;
comparing the third hash value with the fourth hash value, and if they are consistent, considering signature verification to have passed.
Optionally, if the third hash value and the fourth hash value are inconsistent, signature verification is considered to have failed, and the service provider vendor stops providing the inference service program kernel through the license server (License Server).
Optionally, the service provider vendor performs signature verification on the received firmware information at a preset time point.
The service provider vendor may verify the firmware information by spot check, that is, at preset time points. Because the vendor has to provide data and services to clients, spot checks suit it better and reduce its verification load. In this embodiment the preset time point may be determined from an initial time point atime and a time interval btime: ctime = atime + α·btime, where α is a positive integer. The practitioner will appreciate that the preset time point can also be determined in other ways, such as manual setting; whichever way is used falls within the protection scope of this scheme.
In this embodiment, the chip verifies the inference service program kernel provided by the service provider vendor and executes it only after verification passes. This prevents the client from tampering with the inference service program kernel and reduces the risk of attacks in which the client reads the decryption result from the privacy area or steals the encryption key. In addition, the firmware information and its signature are provided to the service provider vendor, which can spot-check them to learn accurately how the firmware executing the inference service program is behaving and to supervise situations such as use of the chip and data beyond the permitted time.
Referring to fig. 4, a flow chart of a page table checking method based on a chip is provided for the fourth embodiment of the present invention, the method applies the chip, and based on the reasoning service verification method based on the chip provided in the third embodiment, the method further includes the following steps:
S41, receiving program information kernel obj and page table sent by client side clients, wherein the program information kernel obj at least comprises address information of an inference service program kernel in a memory, and the page table comprises an indication mapping relation of virtual addresses and physical addresses;
S42, checking a page table by using a preset mapping table to obtain a first checking result, wherein the preset mapping table comprises a reference mapping relation of a virtual address and a physical address;
S43, storing the page table in the privacy area of the memory when the first checking result is passed;
S44, converting the address information belonging to the virtual address into a target physical address by using a security management unit SMP;
S45, checking whether the target physical address is in the privacy zone or not by using a page table in the privacy zone to obtain a second checking result;
S46, executing the inference service program kernel corresponding to the address information when the second checking result passes.
Optionally, the program information kernel obj is obtained by processing the reasoning service kernel through a user interface driven UMD in the client.
The user interface driven UMD may be used to allocate buffer buffers for the inference server kernel.
Optionally, the virtual address includes a private virtual address segment and the physical address includes a private physical address segment; correspondingly, the preset mapping table includes a reference mapping mapping1 between the private virtual address segment and the private physical address segment, and the page table includes an indication mapping mapping2 between the private virtual address segment and the private physical address segment.
Optionally, the first checking result passes when the condition mapping2 ∈ mapping1 is satisfied.
When mapping2 ∈ mapping1 holds, the mapping relation between the private virtual address segment and the private physical address segment in the page table is one that is defined in the preset mapping table. In this case the content of the privacy area is not mapped to the shared area, and the content of the privacy area can be considered safe.
Optionally, the translating the address information belonging to the virtual address into the target physical address using the security management unit SMP comprises:
The address information belonging to the virtual address is translated to the target physical address by the encryption engine CE in the SMP using TestXVM Function.
Optionally, the second checking result passes when the following condition is satisfied: the target physical address is within the privacy area.
Optionally, the program information kernel obj further includes an execution mode.
The execution mode may include execution of the inference service program kernel, data copying, and the like.
This embodiment addresses the case in which the client tampers with the page table so that the chip writes data from the privacy area into the insecure shared area. The scope of the privacy area is determined by the preset mapping table agreed between the chip manufacturer and the service provider vender, and the received page table is checked for compliance against the mapping range of the address segment corresponding to the privacy area in the preset mapping table, which avoids the risk of page table tampering. The target physical address is also checked before execution, which avoids the risk to the chip of executing an unverified inference service program kernel. Together these checks effectively prevent the client from stealing higher-security data by tampering with the page table.
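The two checks of steps S41 to S46 can be sketched as follows. This is an added example, not code from the patent: the page size, the address values, the dictionary page-table layout and the names `Segment`, `Chip`, `check_page_table` and `may_execute` are all assumptions made for illustration, and the sample tables are constructed.

```python
from dataclasses import dataclass

PAGE = 0x1000  # constructed page size (assumption, not from the patent)


@dataclass(frozen=True)
class Segment:
    """One row of the preset mapping table: private VA range -> private PA range."""
    va: int
    pa: int
    size: int

    def covers_va(self, va):
        return self.va <= va < self.va + self.size

    def covers_pa(self, pa):
        return self.pa <= pa < self.pa + self.size


def check_page_table(page_table, reference):
    """S42: each entry whose virtual page is private must match the reference."""
    for va_page, pa_page in page_table.items():
        for seg in reference:
            if seg.covers_va(va_page) and pa_page != seg.pa + (va_page - seg.va):
                return False  # private page redirected, e.g. into the shared area
    return True


class Chip:
    def __init__(self, reference):
        self.reference = reference
        self.trusted_table = None  # stands in for the copy kept in the privacy area

    def load_page_table(self, page_table):
        """S41-S43: accept the client's page table only if the first check passes."""
        if not check_page_table(page_table, self.reference):
            return False
        self.trusted_table = dict(page_table)  # later client edits have no effect
        return True

    def translate(self, va):
        """S44: virtual -> physical, using only the trusted copy."""
        pa_page = self.trusted_table.get(va & ~(PAGE - 1))
        return None if pa_page is None else pa_page | (va & (PAGE - 1))

    def may_execute(self, kernel_va):
        """S45-S46: run the kernel only if its physical address is private."""
        if self.trusted_table is None:
            return False
        pa = self.translate(kernel_va)
        return pa is not None and any(s.covers_pa(pa) for s in self.reference)


# Constructed sample data.
REFERENCE = [Segment(va=0x4000_0000, pa=0x8000_0000, size=4 * PAGE)]
GOOD = {0x4000_0000: 0x8000_0000, 0x4000_1000: 0x8000_1000,
        0x1000_0000: 0x2000_0000}        # last entry lies in the shared area
TAMPERED = dict(GOOD)
TAMPERED[0x4000_1000] = 0x2000_1000      # private page pointed at shared memory

if __name__ == "__main__":
    chip = Chip(REFERENCE)
    print("good table accepted:", chip.load_page_table(GOOD))
    print("kernel in privacy area runs:", chip.may_execute(0x4000_0040))
    print("kernel in shared area runs:", chip.may_execute(0x1000_0010))
    print("tampered table accepted:", Chip(REFERENCE).load_page_table(TAMPERED))
```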
Referring to fig. 5, a chip-based data encryption transmission system according to a fifth embodiment of the present invention is provided. The system includes a CPU module and a GPU module, where the CPU module includes a main memory, and the GPU module includes a core computing unit Xcore, a security management unit SMP, and a GDDR video memory;
The main memory is used for storing ciphertext data xdata and an inference service program kernel;
The GDDR video memory comprises a privacy area and a sharing area, wherein the sharing area is communicated with the main memory to acquire ciphertext data xdata;
The shared area is used for storing the ciphertext data xdata and a ring buffer to be checked, where the ring buffer to be checked is obtained by the CPU module processing the inference service program kernel and is then sent to the shared area;
The privacy area is used for storing the inference service program kernel corresponding to the signature-verified ring buffer, where the signature-verified ring buffer is the result of the ring buffer to be checked passing signature verification by the security management unit SMP;
The core computing unit Xcore includes a shared storage for storing decrypted data ydata, which is decrypted by the core computing unit Xcore from the ciphertext data xdata.
Optionally, the main memory is further used for storing a signature ciphertext, and the signature ciphertext is provided to the security management unit SMP so that it can perform signature verification on the ring buffer to be checked.
Optionally, the GPU module further includes a data transfer unit DMA, where the data transfer unit DMA is configured to perform data transfer between the main memory and the shared area.
Optionally, the shared region is also used to store page tables, computation intermediate data of the core computation unit Xcore, and multi-card reasoning intermediate data.
Optionally, both the security management unit SMP and the core computing unit Xcore are connected only to the GDDR video memory.
Optionally, the security management unit SMP is further configured to divide the GDDR video memory into a private area and a shared area.
Optionally, the shared area communicates with the host memory through PCIe.
It should be noted that this scheme can be applied to graphics cards that use video memory with poor security. GDDR video memory is only an example and not a limitation; video memory with poor security may also include DDR video memory and the like.
This embodiment addresses the case in which the GPU module uses video memory with poor security, such as GDDR video memory. Data transmitted to and from GDDR is easy to steal, so the GDDR video memory is by default treated as not secure enough. In this case, the core computing unit Xcore is prohibited from communicating with the main memory, so that Xcore cannot write decrypted data directly into the insecure main memory, and the privacy area is used only for storing the inference service program kernel and not the decrypted data, so that decrypted data cannot be read from the GDDR video memory. It should be noted that, when the scheme is applied to large-model weight data, the core computing unit Xcore needs to swap data in and out frequently and the shared storage only needs to store a small amount of data, so each swap-in requires decrypting again to obtain the new data. This sacrifices part of the inference efficiency but effectively improves data security in a GDDR video memory environment.
Referring to fig. 6, a data encryption method according to a sixth embodiment of the present invention is provided. The method is applied to the service provider vender and, on the basis of the chip-based data encryption transmission method provided in the second embodiment, further includes the following steps:
S61, performing P random samplings on the original weight data $Odata = \{odata_1, odata_2, \ldots, odata_q, \ldots, odata_Q\}$ to obtain P sampling results, where $odata_q$ is the q-th weight and q is an integer in the range [1, Q];
S62, masking the P sampling results in the original weight data Odata to obtain masked data Mdata;
S63, configuring a preset model by using the masked data Mdata;
S64, executing an inference service program kernel on the verification sample by using the configured preset model to obtain an inference result $out_1$;
S65, calculating a difference degree value between the real inference result $out_2$ corresponding to the verification sample and the inference result $out_1$;
S66, when the difference degree value is larger than a preset threshold value, encrypting the sampling result by using a symmetric key gkey to obtain symmetric ciphertext data gtext;
S67, sending to the client the symmetric ciphertext data gtext, the masked data Mdata, the asymmetric encryption public key hkey, the key ciphertext htext obtained by encrypting the symmetric key gkey with the asymmetric encryption public key hkey, and the chip into which the asymmetric encryption private key ikey corresponding to the asymmetric encryption public key hkey has been written.
Optionally, performing P random samplings on the original weight data $Odata = \{odata_1, odata_2, \ldots, odata_q, \ldots, odata_Q\}$ to obtain P sampling results includes:
Taking 1/P as the sampling probability of each weight;
According to the sampling probability of all the weights, performing P random samplings on the weights in the original weight data Odata to obtain P sampling results.
Optionally, when the P sampling results do not meet the preset condition, the method returns to step S61.
Specifically, in one embodiment, the implementer may instead sample the weights in the original weight data Odata P times in turn without replacement, so as to directly obtain P mutually different sampling results, where at each draw the sampling probability of each not-yet-sampled weight is 1/R, and R is the number of not-yet-sampled weights.
Optionally, the preset condition is that the P sampling results are different from each other.
Optionally, masking the P sampling results in the original weight data Odata to obtain the masked data Mdata includes:
Setting the weights corresponding to the sampling results in the original weight data Odata to a preset value to obtain the masked data Mdata.
Optionally, the preset value is set to zero.
Specifically, for example, if the 1st weight $odata_1$ is the sampling result, the masked data $Mdata = \{0, odata_2, \ldots, odata_q, \ldots, odata_Q\}$.
Optionally, the difference degree value is calculated using the Euclidean distance.
Optionally, when the difference degree value is less than or equal to the preset threshold, the method returns to step S61.
Specifically, when the difference degree value is less than or equal to the preset threshold, the masked weights hardly affect the inference accuracy of the weight data, and encrypting the sampling result would not achieve the encryption effect.
Optionally, the client decrypts the key ciphertext htext using the asymmetric encryption private key ikey to obtain the symmetric key gkey;
The client decrypts the symmetric ciphertext data gtext using the symmetric key gkey to obtain the sampling result;
The client determines the original weight data Odata according to the sampling result and the masked data Mdata, where the original weight data Odata is used by the client to configure a local model to execute the inference service program kernel.
In this embodiment, the large-model weight data is encrypted by encrypting only part of the weight data, which ensures the encryption effect while reducing the amount of encryption and decryption computation and improving the efficiency of the data encryption and decryption process.
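The selection loop of steps S61 to S66 and the client-side restoration can be sketched as follows. This is an added example, not code from the patent. It uses the sampling-without-replacement variant, a zero preset value and the Euclidean distance, and it leaves out the encryption of the sampling result (S66 and S67). The toy linear model `infer`, the use of the unmasked model's output as the real inference result, the index bookkeeping in the sampling result, and all sample values are assumptions constructed for illustration.

```python
import math
import random


def infer(weights, sample):
    """Constructed stand-in for the preset model: a 2-output linear layer."""
    half = len(weights) // 2
    rows = (weights[:half], weights[half:])
    return [sum(w * x for w, x in zip(row, sample)) for row in rows]


def euclidean(a, b):
    """Difference degree value between two inference results."""
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))


def select_and_mask(odata, p, sample, threshold, rng, max_rounds=1000):
    """S61-S66 minus encryption: return (sampling result, masked data Mdata).

    The sampling result is kept as {index: weight} so the client can restore
    Odata; that layout is an assumption, the patent does not specify it.
    """
    out2 = infer(odata, sample)  # assumed "real" result: the unmasked model
    for _ in range(max_rounds):
        idx = rng.sample(range(len(odata)), p)  # without replacement: P distinct
        mdata = [0.0 if i in idx else w for i, w in enumerate(odata)]  # S62
        out1 = infer(mdata, sample)                                    # S63-S64
        if euclidean(out2, out1) > threshold:                          # S65-S66
            return {i: odata[i] for i in idx}, mdata
        # Otherwise the masked weights barely matter: go back to S61.
    raise RuntimeError("no sampling result exceeded the threshold")


def restore(sampled, mdata):
    """Client side: rebuild Odata from the decrypted sampling result and Mdata."""
    return [sampled.get(i, w) for i, w in enumerate(mdata)]


# Constructed weights: only indices 2 and 4 influence the output noticeably.
ODATA = [0.001, 0.002, 5.0, -0.003, 4.0, 0.001, -0.002, 0.004]
SAMPLE = [1.0, 1.0, 1.0, 1.0]

if __name__ == "__main__":
    sampled, mdata = select_and_mask(ODATA, 2, SAMPLE, 1.0, random.Random(7))
    print("values to encrypt:", sampled)
    print("masked data sent in clear:", mdata)
    print("restored equals original:", restore(sampled, mdata) == ODATA)
```

With these constructed weights, any draw that misses both large weights is rejected, so the accepted sampling result always contains a weight whose absence visibly changes the model output.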
Referring to fig. 7, a flow chart of a chip-based encrypted inference method according to a seventh embodiment of the present invention is provided. On the basis of the chip-based data encryption transmission method provided in the second embodiment, the method further includes the following steps:
S71, receiving, from the service provider vender, a first parameter ciphertext item and a second parameter ciphertext jtext that are encrypted with a symmetric key jkey, a key ciphertext ktext, plaintext weight data Ndata and plaintext bias data Rdata, and receiving a chip provided by a chip supplier, wherein the key ciphertext ktext is obtained by encrypting the symmetric key jkey with an asymmetric encryption public key lkey, and the chip has burnt into it the asymmetric encryption private key mkey corresponding to the asymmetric encryption public key lkey;
S72, decrypting the key ciphertext ktext by using the asymmetric encryption private key mkey in the chip to obtain the symmetric key jkey;
S73, decrypting the first parameter ciphertext item and the second parameter ciphertext jtext by using the symmetric key jkey to obtain a first parameter beta and a second parameter gamma;
S74, multiplying the first parameter beta by the plaintext weight data Ndata to obtain a first multiplication result as reasoning weight data Pdata;
S75, multiplying the second parameter gamma and the plaintext bias data Rdata to obtain a second multiplication result as reasoning bias data Qdata;
S76, executing an inference service program according to the inference weight data Pdata and the inference bias data Qdata.
Optionally, the chip includes a programmable electronic fuse eFUSE, and the asymmetric encryption private key mkey is programmed into the programmable electronic fuse eFUSE.
Optionally, the chip further includes a security management unit SMP, where the security management unit SMP is configured to perform a decryption operation.
Optionally, the programmable electronic fuse eFUSE is only accessible by the security management unit SMP.
Optionally, the chip further includes a trusted memory management unit TMR and a memory, where the trusted memory management unit TMR divides a privacy area in the memory, and the privacy area is used for storing the first parameter β and the second parameter γ.
Optionally, the trusted memory management unit TMR further divides the memory into a shared area, where the shared area is used to store the first parameter ciphertext item, the second parameter ciphertext jtext, the key ciphertext ktext, the plaintext weight data Ndata and the plaintext bias data Rdata.
Optionally, the chip further includes a core computing unit Xcore, and the core computing unit Xcore is configured to execute the inference service program according to the inference weight data Pdata and the inference bias data Qdata.
Optionally, the core computing unit Xcore accesses the shared area to obtain the plaintext weight data Ndata and the plaintext bias data Rdata, accesses the privacy area to obtain the first parameter β and the second parameter γ, and performs steps S74 to S76.
In this embodiment, the computation of the inference service program is changed by introducing an additional first parameter and second parameter, and only the first parameter and the second parameter are encrypted; the client can still recover weights and biases that conform to the inference service program. This ensures the encryption effect while greatly reducing the amount of encryption and decryption computation and improving the efficiency of the data encryption and decryption process. Moreover, with multiple clients, the service provider vender can provide different first and second parameters, with corresponding plaintext weight data and plaintext bias data, to different clients, which effectively ensures that the data provided by the service provider vender is not abused.
While certain specific embodiments of the invention have been described in detail by way of example, it will be appreciated by those skilled in the art that the above examples are for illustration only and are not intended to limit the scope of the invention. Those skilled in the art will also appreciate that many modifications may be made to the embodiments without departing from the scope and spirit of the invention. The scope of the invention is defined by the appended claims.
Claims (7)
1. The data encryption transmission system based on the chip is characterized by comprising a CPU module and a GPU module, wherein the CPU module comprises a main memory, and the GPU module comprises a core computing unit Xcore, a security management unit SMP and a GDDR video memory;
the main memory is used for storing ciphertext data xdata and an inference service program kernel;
The GDDR video memory comprises a privacy area and a sharing area, wherein the sharing area is communicated with the main memory to acquire the ciphertext data xdata;
The shared area is used for storing the ciphertext data xdata and a ring buffer to be checked, wherein the ring buffer to be checked is obtained by the CPU module processing the inference service program kernel and is then sent to the shared area;
The privacy area is used for storing the inference service program kernel corresponding to the signature-verified ring buffer, wherein the signature-verified ring buffer is the result of the ring buffer to be checked passing signature verification by the security management unit SMP;
The core computing unit Xcore includes a shared storage for storing decryption data ydata decrypted by the core computing unit Xcore from the ciphertext data xdata.
2. The chip-based data encryption transmission system of claim 1, wherein the main memory is further configured to store a signature ciphertext, the signature ciphertext being configured to be provided to the security management unit SMP for signature verification of the ring buffer to be checked.
3. The chip-based data encryption transmission system of claim 1, wherein the GPU module further comprises a data transfer unit DMA for transferring data between the host and the shared area.
4. The chip-based data encryption transmission system of claim 1, wherein the shared area is further used to store page tables, computation intermediate data of the core computation unit Xcore, and multi-card reasoning intermediate data.
5. The chip-based data encryption transmission system according to claim 1, wherein the security management unit SMP and the core computing unit Xcore are connected only to the GDDR video memory.
6. The chip-based data encryption transmission system according to claim 1, wherein the security management unit SMP is further configured to divide the GDDR video memory into the privacy area and the sharing area.
7. The chip-based data encryption transmission system of claim 1, wherein the shared area communicates with the host via PCIe.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202410554504.1A CN118133326B (en) | 2024-05-07 | 2024-05-07 | Data encryption transmission system based on chip |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202410554504.1A CN118133326B (en) | 2024-05-07 | 2024-05-07 | Data encryption transmission system based on chip |
Publications (2)
Publication Number | Publication Date |
---|---|
CN118133326A CN118133326A (en) | 2024-06-04 |
CN118133326B true CN118133326B (en) | 2024-07-05 |
Family
ID=91233026
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202410554504.1A Active CN118133326B (en) | 2024-05-07 | 2024-05-07 | Data encryption transmission system based on chip |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN118133326B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN119721260A (en) * | 2025-02-27 | 2025-03-28 | 山东浪潮科学研究院有限公司 | Medical data security reasoning method and system based on hardware collaboration |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112363801A (en) * | 2020-11-10 | 2021-02-12 | 海光信息技术股份有限公司 | Virtual machine migration method, processing method, system, device, chip and medium |
CN115859269A (en) * | 2021-09-24 | 2023-03-28 | 辉达公司 | Secure execution of multiple processor devices using trusted execution environment |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107040369B (en) * | 2016-10-26 | 2020-02-11 | 阿里巴巴集团控股有限公司 | Data transmission method, device and system |
EP4546175A3 (en) * | 2018-10-09 | 2025-06-18 | Huawei Technologies Co., Ltd. | Chip, private key generation method, and trusted certification method |
US11934330B2 (en) * | 2020-05-08 | 2024-03-19 | Intel Corporation | Memory allocation for distributed processing devices |
US20230090973A1 (en) * | 2021-09-21 | 2023-03-23 | Intel Corporation | Immediate offset of load store and atomic instructions |
CN116886356B (en) * | 2023-07-04 | 2024-02-02 | 广州链融信息技术有限公司 | Chip-level transparent file encryption storage system, method and equipment |
Also Published As
Publication number | Publication date |
---|---|
CN118133326A (en) | 2024-06-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11088846B2 (en) | Key rotating trees with split counters for efficient hardware replay protection | |
US20240126930A1 (en) | Secure Collaboration Between Processors And Processing Accelerators In Enclaves | |
US10372628B2 (en) | Cross-domain security in cryptographically partitioned cloud | |
CN102208001B (en) | Hardware-supported virtualized cryptographic service | |
US9734357B2 (en) | Process authenticated memory page encryption | |
CN101241527B (en) | System and method for ordinary authentication | |
JP4876053B2 (en) | Trusted device integrated circuit | |
CN111090869B (en) | A data encryption method, processor and computer equipment | |
CN110447032A (en) | Storage page between management program and virtual machine converts monitoring | |
CN109844748A (en) | Security services hosted in a virtual security environment | |
US20210117805A1 (en) | Inference apparatus, and inference method | |
CN118133326B (en) | Data encryption transmission system based on chip | |
CN111949372B (en) | A virtual machine migration method, general-purpose processor and electronic device | |
CN105283921A (en) | Non-volatile memory operations | |
Shrivastava et al. | Securator: A fast and secure neural processing unit | |
CN113704041A (en) | Secure debugging of FPGA designs | |
US12013954B2 (en) | Scalable cloning and replication for trusted execution environments | |
CN118395518A (en) | A chip-based page table checking method | |
CN116346316A (en) | Process object key update during process creation in secret-state computing | |
CN114244565B (en) | Key distribution method, device, equipment and storage medium | |
US8972745B2 (en) | Secure data handling in a computer system | |
CN103745170B (en) | The processing method and processing device of data in magnetic disk | |
CN107239682A (en) | A kind of computer internet information safety control system based on cloud computing | |
CN114629643B (en) | Key processing method, device and medium | |
JP2009064126A (en) | Ic card system, terminal device therefor and program |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||