This tutorial is only available in Chinese.
为了方便大家快速了解隐语PSI的Benchmark,我们设计了10分钟上手手册,包含了亮点介绍、SecretFlow集群的易用搭建、Benchmark脚本、两方和三方PSI的Benchmark,希望能够帮助用户快速了解隐语PSI。
隐私集合求交(Private Set Intersection,简写为:PSI)是一类特定的安全多方计算(Multi-Party Computation, 即MPC)问题,其问题可以简单理解为:Alice 输入集合 X,Bob 输入集合 Y,双方执行 PSI 协议可以得到 X 和 Y 的交集,同时不在交集范围中的数据是受保护的,即 Alice 和 Bob 无法学习到除了交集以外的任何数据。
PSI协议有很多分类方法,按照底层依赖的密码学技术分类,主要包括:
- 基于公钥密码的PSI方案,包括:基于判定型密钥交换(Decisional Diffie-Hellman, DDH)的PSI方案和基于RSA盲签名的PSI方案;
- 基于不经意传输(Oblivious Transfer, OT)的PSI方案;
- 基于通用MPC的PSI方案,例如基于混淆电路(Garbled Circuit, GC)的PSI方案;
- 基于同态加密(Homomorphic Encryption, HE)的PSI方案。
PSI协议按照参与方的数量进行分类,可分为:
- 两方PSI:参与方为2个;
- 多方PSI:参与方>2个。
PSI协议按照所假设的安全模型分类,可分为:
- 半诚实模型的PSI;
- 恶意模型的PSI。
PSI协议按照设参与方的数据量差异,可分为:
- 平衡PSI:参与方的数据量差异不大;
- 非平衡PSI:参与方的数据量差异巨大,例如百万 vs 10亿。
SecretFlow SPU 实现了半诚实模型下的两方和三方PSI协议,计算安全强度是128-bit,统计安全强度是40-bit。
-
两方PSI协议:
- 基于DDH的PSI协议
- 基于DDH的PSI协议相对简单易于理解和实现,依赖的密码技术已被广泛论证,通信量低,但计算量较大。
- 隐语实现了基于椭圆曲线(Elliptic Curve)群的DDH PSI协议,支持的椭圆曲线类型包括:Curve25519,FourQ,SM2,Secp256k1等。
- 基于OT扩展的KKRT16
- KKRT16是第一个千万规模(
$2^{24}$ )数据量求交时间在1分钟之内的PSI方案,通信量较大; - 隐语实现了KKRT16协议,并参考了进年来的性能优化和安全改进方案,例如:stash-less CuckooHash,[GKWW20]中 FixedKey AES作为 correlation-robust 哈希函数。
- KKRT16是第一个千万规模(
- 基于PCG的RR22
- RR22 PSI依赖的PCG(Pseudorandom Correlation Generator)方案是近年来mpc方向的研究热点,相比KKRT16在计算量和通信两方面都有了很大改进,从成本(monetary cost)角度更能满足实际业务需求。PCG实现依赖了近年来发展迅速的Silent-Vole原语,隐语在自研的底层密码库YACL中已经实现了Silent-Vole相关原语。
- 基于DDH的PSI协议
-
三方PSI协议:
- 基于DDH的三方PSI协议
- 隐语自研了基于 ECDH 的三方 PSI 协议.注意我们实现的这个协议会泄漏两方交集大小,请自行判断是否满足使用场景的安全性。
- 基于DDH的三方PSI协议
-
非平衡PSI协议:
- 基于ECDH-OPRF的非平衡PSI协议
- 隐语实现并开源了基于ECDH-OPRF的非平衡PSI(Unbalanced PSI)协议,在数据量非平衡场景下能得到更好的性能。
- 具体来讲:与ECDH-PSI对比,ECDH-PSI需要在大数据集上进行两次加密操作;隐语实现的非平衡PSI只在大数据集上进行一次加密操作。所以在大数据集与小数据集的体量相差非常大的时候,总体计算量和运行时间大约仅是ECDH-PSI的$50%$。
- 非平衡PSI还把协议分成离线和在线(offline/online)两个阶段,在提前执行离线(offline)阶段,得到离线数据缓存的情形下,在线阶段只需少量时间即可得到交集结果。
- 基于ECDH-OPRF的非平衡PSI协议
- Python:3.10
- pip: >= 19.3
- OS: CentOS 7
- SecretFlow: 1.6.1b0
- CPU/Memory: 推荐最低配置是 8C16G
- 硬盘:500G
使用conda管理python环境,如果机器没有conda需要先安装,步骤如下:
sudo apt-get install wget
wget https://repo.anaconda.com/miniconda/Miniconda3-latest-Linux-x86_64.sh
#sudo apt-get install wget
wget https://repo.anaconda.com/miniconda/Miniconda3-latest-Linux-x86_64.sh
#安装
bash Miniconda3-latest-Linux-x86_64.sh
# 一直按回车然后输入yes
please answer 'yes' or 'no':
>>> yes
# 选择安装路径, 文件名前加点号表示隐藏文件
Miniconda3 will now be installed into this location:
>>> ~/.miniconda3
# 添加配置信息到 ~/.bashrc文件
Do you wish the installer to initialize Miniconda3 by running conda init? [yes|no]
[no] >>> yes
#运行配置信息文件
source ~/.bashrc
#测试是否安装成功
conda --version
# 创建干净的python环境
conda create -n sf-benchmark python=3.10
# 进入benchmark 环境
conda activate sf-benchmark
# 安装secretflow
pip install -U secretflow
# 创建一个sf-benchmark目录
mkdir sf-benchmark
cd sf-benchmark
验证安装是否成功 root目录下输入python然后回车;
>>> import secretflow as sf
>>> sf.init(['alice', 'bob', 'carol'], address='local')
>>> dev = sf.PYU('alice')
>>> import numpy as np
>>> data = dev(np.random.rand)(3, 4)
>>> sf.reveal(data)
如下图所示就代表环境搭建成功了
配置示例使用集群模式仿真模式,其它模式请参考secretfow部署文档。
创建ray header节点,选择一台机器为主机,在主机上执行如下命令,ip替换为主机的内网ip,命名为alice,端口选择一个空闲端口即可 注意:192.168.0.1 ip为mock的,请替换为实际的ip地址
RAY_DISABLE_REMOTE_CODE=true \
ray start --head --node-ip-address="192.168.0.1" --port="9394" --resources='{"alice": 8}' --include-dashboard=False
创建从属节点,在bob机器执行如下命令,ip依然填alice机器的内网ip,命名为bob,端口不变
RAY_DISABLE_REMOTE_CODE=true \
ray start --address="192.168.0.1:9394" --resources='{"bob": 8}'
创建从属节点,在carol机器执行如下命令,ip依然填alice机器的内网ip,命名为carol,端口不变
RAY_DISABLE_REMOTE_CODE=true \
ray start --address="192.168.0.1:9394" --resources='{"carol": 8}'
在python中测试节点是否启动成功,任意选一台机器输入python,执行下列代码,参数中address为头节点(alice)的地址,拿alice机器来验证,每输入一行下列代码回车一次:
>>> import secretflow as sf
>>> sf.init(['alice','bob'], address='192.168.0.1:9394')
>>> alice = sf.PYU('alice')
>>> bob = sf.PYU('bob')
>>> sf.reveal(alice(lambda x : x)(2))
>>> sf.reveal(bob(lambda x : x)(2))
如下图就代表节点创建成功了
同时我们也可以通过ray status去看节点的状态,前提是先进入sf环境(conda activate sf-benchmark)
把generate_psi.py脚本传到alice机器的root目录下,执行如下代码
# 生成三份一千万数据,默认交集50%
python3 generate_psi.py 10000000 10000000
# 生成三份一亿数据
python3 generate_psi.py 100000000 100000000
把生成的psi_1.csv cp到benchmark目录下,再通过scp的命令把psi_2.csv/psi_3.csv分别移到bob的benchmark目录下跟carol的benchark目录下
#100Mbps 10ms
tc qdisc add dev eth0 root handle 1: tbf rate 100mbit burst 256kb latency 800ms
tc qdisc add dev eth0 parent 1:1 handle 10: netem delay 10msec limit 8000
清除限制
tc qdisc del dev eth0 root
查看已有配置
tc qdisc show dev eth0
支持的平衡PSI协议列表:
- ECDH_PSI_2PC
- KKRT_PSI_2PC
- RR22_PSI_2PC
- ECDH_PSI_3PC
import sys
import time
import logging
from absl import app
import spu
import secretflow as sf
# init log
logging.basicConfig(stream=sys.stdout, level=logging.INFO)
# SPU settings
cluster_def = {
'nodes': [
# <<< !!! >>> replace <192.168.0.1:12945> to alice node's local ip & free port
{'party': 'alice', 'address': '192.168.0.1:12945', 'listen_address': '0.0.0.0:12945'},
# <<< !!! >>> replace <192.168.0.2:12946> to bob node's local ip & free port
{'party': 'bob', 'address': '192.168.0.2:12946', 'listen_address': '0.0.0.0:12946'},
# <<< !!! >>> if you need 3pc test, please add node here, for example, add carol as rank 2
# {'party': 'carol', 'address': '127.0.0.1:12347'},
],
'runtime_config': {
'protocol': spu.spu_pb2.SEMI2K,
'field': spu.spu_pb2.FM128,
},
}
def main(_):
# sf init
# <<< !!! >>> replace <192.168.0.1:9394> to your ray head
sf.init(['alice','bob'], address='192.168.0.1:9394')
alice = sf.PYU('alice')
bob = sf.PYU('bob')
carol = sf.PYU('carol')
# <<< !!! >>> replace path to real parties local file path.
input_path = {
alice: '/data/psi_1.csv',
bob: '/data/psi_2.csv',
# if run with `ECDH_PSI_3PC`, add carol
# carol: '/data/psi_3.csv',
}
output_path = {
alice: '/data/psi_output.csv',
bob: '/data/psi_output.csv',
# if run with `ECDH_PSI_3PC`, add carol
# carol: '/data/psi_output.csv',
}
select_keys = {
alice: ['id'],
bob: ['id'],
# if run with `ECDH_PSI_3PC`, add carol
# carol: ['id'],
}
spu = sf.SPU(cluster_def)
# prepare data
start = time.time()
reports = spu.psi_csv(
key=select_keys,
input_path=input_path,
output_path=output_path,
receiver='alice', # if `broadcast_result=False`, only receiver can get output file.
protocol='KKRT_PSI_2PC', # psi protocol
precheck_input=False, # will cost ext time if set True
sort=False, # will cost ext time if set True
broadcast_result=False, # will cost ext time if set True
)
print(f"psi reports: {reports}")
logging.info(f"cost time: {time.time() - start}")
sf.shutdown()
if __name__ == '__main__':
app.run(main)
支持的非平衡PSI协议列表:
- ECDH_OPRF_UB_PSI
import os
import sys
import time
import logging
import multiprocess
from absl import app
import spu
import secretflow as sf
#import random
# init log
logging.basicConfig(stream=sys.stdout, level=logging.DEBUG)
# SPU settings
cluster_def = {
'nodes': [
# <<< !!! >>> replace <192.168.0.1:17268> to alice node's local ip & free port
{'party': 'alice', 'address': '192.168.0.1:17268', 'listen_address': '0.0.0.0:17268'},
# <<< !!! >>> replace <192.168.0.2:17269> to bob node's local ip & free port
{'party': 'bob', 'address': '192.168.0.2:17269', 'listen_address': '0.0.0.0:17269'},
],
'runtime_config': {
'protocol': spu.spu_pb2.SEMI2K,
'field': spu.spu_pb2.FM128,
},
}
link_desc = {
'recv_timeout_ms': 3600000,
}
def main(_):
# sf init
# <<< !!! >>> replace <192.168.0.1:9394> to your ray head
sf.shutdown()
sf.init(['alice','bob'],address='192.168.0.1:9394',log_to_driver=True,omp_num_threads=multiprocess.cpu_count())
# init log
logging.basicConfig(stream=sys.stdout, level=logging.DEBUG)
alice = sf.PYU('alice')
bob = sf.PYU('bob')
offline_input_path = {
alice: 'dummyalice.csv',
bob: '/root/benchmark/unbalanced_200000w.csv',
}
select_keys = {
alice: ['id'],
bob: ['id'],
}
spu = sf.SPU(cluster_def, link_desc)
# offline
print("=====offline phase====")
start = time.time()
offline_output_path = {
alice: "/data/unbalanced_2000w_out.csv",
bob: "/data/unbalanced_200000w_out.csv",
}
offline_preprocess_path = "/root/benchmark/offline_out/offline_psi0107.csv"
secret_key = "000102030405060708090a0b0c0d0e0ff0e0d0c0b0a090807060504030201000"
secret_key_path = "/root/benchmark/secret_key.bin"
with open(secret_key_path, 'wb') as f:
f.write(bytes.fromhex(secret_key))
reports = spu.psi_csv(
key=select_keys,
input_path=offline_input_path,
output_path=offline_output_path,
receiver='alice', # if `broadcast_result=False`, only receiver can get output file.
protocol='ECDH_OPRF_UB_PSI_2PC_OFFLINE', # psi protocol
precheck_input=False, # will cost ext time if set True
sort=False, # will cost ext time if set True
broadcast_result=False, # will cost ext time if set True
bucket_size=10000000,
curve_type="CURVE_FOURQ",
preprocess_path=offline_preprocess_path,
ecdh_secret_key_path=secret_key_path,
)
#print(f"psi reports: {reports}")
logging.info(f"offline psi reports: {reports}")
logging.info(f"cost time: {time.time() - start}")
sf.shutdown()
if __name__ == '__main__':
app.run(main)import os
import sys
import time
# import random
import logging
import multiprocess
from absl import app
import spu
import secretflow as sf
# init log
logging.basicConfig(stream=sys.stdout, level=logging.DEBUG)
# SPU settings
cluster_def = {
'nodes': [
# <<< !!! >>> replace <192.168.0.1:17268> to alice node's local ip & free port
{'party': 'alice', 'address': '192.168.0.1:17268', 'listen_address': '0.0.0.0:17268'},
# <<< !!! >>> replace <192.168.0.2:17269> to bob node's local ip & free port
{'party': 'bob', 'address': '192.168.0.2:17269', 'listen_address': '0.0.0.0:17269'},
],
'runtime_config': {
'protocol': spu.spu_pb2.SEMI2K,
'field': spu.spu_pb2.FM128,
},
}
link_desc = {
'recv_timeout_ms': 3600000,
}
def main(_):
# sf init
# <<< !!! >>> replace <192.168.0.1:9394> to your ray head
sf.shutdown()
sf.init(['alice','bob'],address='192.168.0.1:9394',log_to_driver=True,omp_num_threads=multiprocess.cpu_count())
# init log
logging.basicConfig(stream=sys.stdout, level=logging.DEBUG)
alice = sf.PYU('alice')
bob = sf.PYU('bob')
# <<< !!! >>> replace path to real parties local file path.
online_input_path = {
alice: '/root/benchmark/unbalanced_2000w.csv',
bob: 'dummy.bob.csv',
}
output_path = {
alice: '/data/unbalanced_20000wvs2000w.csv',
bob: '/data/unbalanced_20000wvs2000w.csv',
}
select_keys = {
alice: ['id'],
bob: ['id'],
}
spu = sf.SPU(cluster_def, link_desc)
offline_preprocess_path = "/root/benchmark/offline_out/offline_psi0107.csv"
secret_key_path = "/root/benchmark/secret_key.bin"
# online
print("=====online phase====")
start = time.time()
reports = spu.psi_csv(
key=select_keys,
input_path=online_input_path,
output_path=output_path,
receiver='alice', # if `broadcast_result=False`, only receiver can get output file.
protocol='ECDH_OPRF_UB_PSI_2PC_ONLINE', # psi protocol
precheck_input=True, # will cost ext time if set True
sort=True, # will cost ext time if set True
broadcast_result=False, # will cost ext time if set True
bucket_size=100000000,
curve_type="CURVE_FOURQ",
preprocess_path=offline_preprocess_path,
ecdh_secret_key_path=secret_key_path,
)
#print(f"psi reports: {reports}")
logging.info(f"online psi reports: {reports}")
logging.info(f"cost time: {time.time() - start}")
sf.shutdown()
if __name__ == '__main__':
app.run(main)我们分别在不同的带宽、数据量、机器配置设定下测量了PSI协议的性能。其中:
- 隐语标准:带宽设定分别为LAN、100Mbps/10ms; 数据量涵盖1千万、1亿、10亿。
- 信通院标准:带宽设定分别为LAN、100Mbps/50ms,数据量涵盖1亿(标准测试)和10亿(大规模测试)。
时间单位默认为秒,m表示分钟,h表示小时。
| 机器配置 | 算法参数 | 协议 | 网络配置 | 1kw~1kw | 1亿~1亿 | 10亿~10亿 |
|---|---|---|---|---|---|---|
| 32C64G | receiver='alice', protocol='ECDH_PSI_2PC', curve_type='CURVE_FOURQ', precheck_input=False, sort=False, broadcast_result=False, |
ECDH-PSI-2PC (FourQ) |
LAN | 73 | 723 | 7491 (2.08 h) |
| 100Mbps/10ms | 74 | 729 | 7387 (2.06 h) |
|||
| receiver='alice', protocol='ECDH_PSI_2PC', curve_type='CURVE_25519', precheck_input=False, sort=False, broadcast_result=False, |
ECDH-PSI-2PC (CURVE_25519) |
LAN | 110 | 1129 | 11377 (3.16 h) |
|
| 100Mbps/10ms | 115 | 1142 | 11504 (3.19 h) |
|||
| receiver='alice', protocol='ECDH_PSI_3PC', curve_type='CURVE_FOURQ', precheck_input=False, sort=False, broadcast_result=False, |
ECDH-PSI-3PC (FourQ) |
LAN | 123 | 1170 | 13097 (3.63 h) |
|
| 100Mbps/10ms | 155 | 1499 | 17041 (4.7 h) |
|||
| receiver='alice', protocol='ECDH_PSI_3PC', curve_type='CURVE_25519', precheck_input=False, sort=False, broadcast_result=False, |
ECDH-PSI-3PC (CURVE_25519) (3个参与方持有相同数据的50%,最后交集占比50%) |
LAN | 203 | 2017 | 22717 (6.16 h) |
|
| 100Mbps/10ms | 239 | 2349 | 25807 (7.2 h) |
|||
| receiver='alice', protocol='KKRT_PSI_2PC', precheck_input=False, sort=False, broadcast_result=False, |
KKRT_PSI_2PC (百万分桶) |
LAN | 56 | 558 | 5970 (1.61 h) |
|
| 100Mbps/10ms | 144 | 1393 | 14295 (3.97 h) |
|||
| receiver='alice', protocol='RR22_FAST_PSI_2PC', precheck_input=False, sort=False, broadcast_result=False, |
RR22_FAST_PSI_2PC (百万分桶) |
LAN | 28 | 273 | 3176 (0.88 h) |
|
| 100Mbps/10ms | 63 | 575 | 6025 (1.6 h) |
|||
| receiver='alice', protocol='RR22_LOWCOMM_PSI_2PC', precheck_input=False, sort=False, broadcast_result=False, |
RR22_LOWCOMM_PSI_2PC (百万分桶) |
LAN | 31 | 317 | 3614 (1.00 h) |
|
| 100Mbps/10ms | 53 | 481 | 5310 (1.47 h) |
|||
| receiver='alice', protocol='RR22_MALICIOUS_PSI_2PC', precheck_input=False, sort=False, broadcast_result=False, |
RR22_MALICIOUS_PSI_2PC (百万分桶) |
LAN | 23 | 232 | 1791 (0.49 h) |
|
| 100Mbps/10ms | 82 | 705 | 6840 (1.9 h) |
|||
| 16C32G | receiver='alice', protocol='ECDH_PSI_2PC', curve_type='CURVE_FOURQ', precheck_input=False, sort=False, broadcast_result=False, |
ECDH-PSI-2PC (FourQ) |
LAN | 96 | 991 | 2.82 h |
| 100Mbps/10ms | 97 | 991 | 2.79 h | |||
| receiver='alice', protocol='ECDH_PSI_2PC', curve_type='CURVE_25519', precheck_input=False, sort=False, broadcast_result=False, |
ECDH-PSI-2PC (CURVE_25519) |
LAN | 170 | 1730 | 4.8 h | |
| 100Mbps/10ms | 179 | 1790 | 5.02 h | |||
| receiver='alice', protocol='ECDH_PSI_3PC', curve_type='CURVE_FOURQ', precheck_input=False, sort=False, broadcast_result=False, |
ECDH-PSI-3PC (FourQ) |
LAN | 174 | 1687 | 5.4 h | |
| 100Mbps/10ms | 209 | 2007 | 6.5 h | |||
| receiver='alice', protocol='ECDH_PSI_3PC', curve_type='CURVE_25519', precheck_input=False, sort=False, broadcast_result=False, |
ECDH-PSI-3PC (CURVE_25519) (3个参与方持有相同数据的50%,最后交集占比50%) |
LAN | 346 | 3456 | 10.6 h | |
| 100Mbps/10ms | 383 | 3781 | 11.7 h | |||
| receiver='alice', protocol='KKRT_PSI_2PC', precheck_input=False, sort=False, broadcast_result=False, |
KKRT_PSI_2PC (百万分桶) |
LAN | 55 | 565 | 2.05 h | |
| 100Mbps/10ms | 147 | 1435 | 4.34 h | |||
| receiver='alice', protocol='RR22_FAST_PSI_2PC', precheck_input=False, sort=False, broadcast_result=False, |
RR22_FAST_PSI_2PC (百万分桶) |
LAN | 31 | 273 | 1.17 h | |
| 100Mbps/10ms | 69 | 628 | 2.06 h | |||
| receiver='alice', protocol='RR22_LOWCOMM_PSI_2PC', precheck_input=False, sort=False, broadcast_result=False, |
RR22_LOWCOMM_PSI_2PC (百万分桶) |
LAN | 31 | 308 | 1.37 h | |
| 100Mbps/10ms | 58 | 545 | 1.87 h | |||
| receiver='alice', protocol='RR22_MALICIOUS_PSI_2PC', precheck_input=False, sort=False, broadcast_result=False, |
RR22_MALICIOUS_PSI_2PC (百万分桶) |
LAN | 23 | 184 | 0.57 h | |
| 100Mbps/10ms | 86 | 737 | 2.05 h | |||
| 8C16G | receiver='alice', protocol='ECDH_PSI_2PC', curve_type='CURVE_FOURQ', precheck_input=False, sort=False, broadcast_result=False, |
ECDH-PSI-2PC (FourQ) |
LAN | 145 | 1453 | 4.12 h |
| 100Mbps/10ms | 147 | 1470 | 4.14 h | |||
| receiver='alice', protocol='ECDH_PSI_2PC', curve_type='CURVE_25519', precheck_input=False, sort=False, broadcast_result=False, |
ECDH-PSI-2PC (CURVE_25519) |
LAN | 302 | 3021 | 8.4 h | |
| 100Mbps/10ms | 302 | 3025 | 8.4 h | |||
| receiver='alice', protocol='ECDH_PSI_3PC', curve_type='CURVE_FOURQ', precheck_input=False, sort=False, broadcast_result=False, |
ECDH-PSI-3PC (FourQ) |
LAN | 277 | 2700 | 8.4 h | |
| 100Mbps/10ms | 313 | 3059 | 9.5 h | |||
| receiver='alice', protocol='ECDH_PSI_3PC', curve_type='CURVE_25519', precheck_input=False, sort=False, broadcast_result=False, |
ECDH-PSI-3PC (CURVE_25519) (3个参与方持有相同数据的50%,最后交集占比50%) |
LAN | 633 | 6298 | 19 h | |
| 100Mbps/10ms | 672 | 6661 | 20.18 h | |||
| receiver='alice', protocol='KKRT_PSI_2PC', precheck_input=False, sort=False, broadcast_result=False, |
KKRT_PSI_2PC (百万分桶) |
LAN | 59 | 570 | 2.0 h | |
| 100Mbps/10ms | 148 | 1441 | 4.3 h | |||
| receiver='alice', protocol='RR22_FAST_PSI_2PC', precheck_input=False, sort=False, broadcast_result=False, |
RR22_FAST_PSI_2PC (百万分桶) |
LAN | 31 | 277 | 1.19 h | |
| 100Mbps/10ms | 70 | 636 | 2.08 h | |||
| receiver='alice', protocol='RR22_LOWCOMM_PSI_2PC', precheck_input=False, sort=False, broadcast_result=False, |
RR22_LOWCOMM_PSI_2PC (百万分桶) |
LAN | 35 | 319 | 1.41 h | |
| 100Mbps/10ms | 59 | 550 | 1.86 h | |||
| receiver='alice', protocol='RR22_MALICIOUS_PSI_2PC', precheck_input=False, sort=False, broadcast_result=False, |
RR22_MALICIOUS_PSI_2PC (百万分桶) |
LAN | 25 | 194 | 0.6 h | |
| 100Mbps/10ms | 80 | 734 | 2.05 h |
- ECDH:对网络配置不敏感,对计算资源敏感,适合带宽较低、计算配置较高的使用场景;
- KKRT:网络设置为100Mbps时,带宽成为瓶颈。通常用于两方数据量均衡时,适合高带宽的使用场景;
| 机器配置 | 算法参数 | 协议 | 大规模 (10亿~10亿) (100Mbps/50ms) |
标准 1亿~1亿 (LAN) |
|---|---|---|---|---|
| 32C256G | "receiver='alice', protocol='ECDH_PSI_2PC', curve_type = 'CURVE_FOURQ', precheck_input=False, sort=False, broadcast_result=False, |
ECDH-PSI-2PC (CURVE_FOURQ) |
7764 (2.15 h) |
729 |
| "receiver='alice', protocol='ECDH_PSI_2PC', curve_type = 'CURVE_25519', precheck_input=False, sort=False, broadcast_result=False, |
ECDH-PSI-2PC (CURVE_25519) |
11555 (3.2 h) |
1131 | |
| "receiver='alice', protocol='ECDH_OPRF_UB_PSI_2PC', curve_type = 'CURVE_FOURQ', precheck_input=False, sort=False, broadcast_result=False, |
ECDH_OPRF_UB_PSI_2PC (非平衡) (大规模 10亿&100w=50w) (标准 1亿&10w=5w) (CURVE_FOURQ) |
offline: 1428 (23m) offline: 300 (5m) |
offline: 139 offline: 31 |
|
| "receiver='alice', protocol='ECDH_PSI_3PC', curve_type = 'CURVE_FOURQ', precheck_input=False, sort=False, broadcast_result=False, |
ECDH_PSI_3PC (CURVE_FOURQ) |
17599 (4.8 h) |
1172 | |
| "receiver='alice', protocol='ECDH_PSI_3PC', curve_type = 'CURVE_25519', precheck_input=False, sort=False, broadcast_result=False, |
ECDH_PSI_3PC (CURVE_25519) |
26220 (7.28 h) |
2022 | |
| "receiver='alice', protocol='ECDH_PSI_3PC', curve_type = 'CURVE_FOURQ', precheck_input=False, sort=False, broadcast_result=False, |
ECDH_PSI_3PC (非平衡) (大规模 10亿&10亿&100万=50) (标准 1亿&1亿&10万=5) (CURVE_FOURQ) |
12441 (3.45 h) |
894 | |
| "receiver='alice', protocol='KKRT_PSI_2PC', precheck_input=False, sort=False, broadcast_result=False, |
KKRT_PSI_2PC (百万分桶) |
30963 (8.6 h) |
554 | |
| "receiver='alice', protocol='RR22_FAST_PSI_2PC', precheck_input=False, sort=False, broadcast_result=False, |
RR22_FAST_PSI_2PC (百万分桶) |
6236 (1.7 h) |
280 | |
| "receiver='alice', protocol='RR22_LOWCOMM_PSI_2PC', precheck_input=False, sort=False, broadcast_result=False, |
RR22_LOWCOMM_PSI_2PC (百万分桶) |
5659 (1.57 h) |
323 | |
| "receiver='alice', protocol='RR22_MALICIOUS_PSI_2PC', precheck_input=False, sort=False, broadcast_result=False, |
RR22_MALICIOUS_PSI_2PC (百万分桶) |
14847 (4.12 h) |
203 |