CN-122027280-A - Encryption card-based model loading and reasoning method, device, equipment and medium
Abstract
The application discloses an encryption card-based model loading and reasoning method, device, equipment and medium, relating to the technical fields of computer security and artificial intelligence. The method comprises: when a model loading request is received, carrying out integrity verification on a model ciphertext and a seal bill using the public key in the encryption card and a signature value; if the integrity verification passes, unsealing the seal bill and matching the target environment measurement value in the seal bill against the system's current target environment measurement value; if the match succeeds, decrypting the seal bill with the private key to obtain the model encryption key; decrypting the model ciphertext with the model encryption key to obtain the target model; and loading the target model into a memory area of the accelerator and executing reasoning in that memory area. The method addresses the problems faced by AI reasoning integrated machines in edge computing and private deployments: theft of the model, an untrusted running environment, the lack of hardware-level verification for heterogeneous environments, and performance bottlenecks.
Inventors
- KUANG QIHE
- GU JINDONG
- WANG TINGPING
- ZHENG JIANG
- XIAO ZUONAN
Assignees
- 苏州国芯科技股份有限公司
Dates
- Publication Date: 2026-05-12
- Application Date: 2026-02-11
Claims (10)
- 1. An encryption card-based model loading and reasoning method, characterized by comprising the following steps: when a model loading request is received, carrying out integrity verification on a model ciphertext and a seal bill using a public key in an encryption card and a signature value, wherein the signature value is obtained by signing the model ciphertext and the seal bill with a private key in the encryption card; if the integrity verification passes, unsealing the seal bill and matching a target environment measurement value in the seal bill against the current target environment measurement value of the system; if the matching succeeds, decrypting the seal bill with the private key to obtain the model encryption key; decrypting the model ciphertext with the model encryption key to obtain the target model; and loading the target model into a memory area of the accelerator and performing reasoning in that memory area.
- 2. The model loading and reasoning method of claim 1, further comprising: calling the encryption card to generate a model encryption key and encrypting the target model with that key to obtain the model ciphertext; extracting a target environment metric value when the system is first started, and sealing the model encryption key and the target environment metric value with the public key in the encryption card to obtain the seal bill; signing the model ciphertext and the seal bill with the private key in the encryption card to obtain the signature value; and storing the model ciphertext, the seal bill and the signature value in a local encrypted storage device.
- 3. The model loading and reasoning method of claim 1, further comprising: receiving a random number sent by a remote device; obtaining a platform configuration register value and a hash value of the currently loaded model; digitally signing the random number, the platform configuration register value and the hash value of the currently loaded model with the private key to obtain an attestation report; and sending the attestation report to the remote device, which verifies the attestation report using the public key, an expected platform configuration register value and an expected hash value.
- 4. The model loading and reasoning method of claim 1, further comprising: performing trusted environment measurement during system startup and application loading; and storing the trusted environment measurement result in a platform configuration register of the encryption card.
- 5. The model loading and reasoning method of claim 1, wherein the private key is stored in a physically isolated secure storage area of the encryption card, and the private key never leaves the card.
- 6. The model loading and reasoning method of claim 1, further comprising: during model reasoning, encrypting or signing the reasoning data stream using the encryption card.
- 7. The model loading and reasoning method of claim 1, wherein the target environment metric value comprises a reference hash value in a platform configuration register and an encryption card fingerprint, the encryption card fingerprint being a unique identification of the encryption card.
- 8. An encryption card-based model loading and reasoning device, comprising: a verification module, configured to carry out integrity verification on a model ciphertext and a seal bill using a public key in an encryption card and a signature value, wherein the signature value is obtained by signing the model ciphertext and the seal bill with a private key in the encryption card, the model ciphertext is obtained by encrypting a target model with an encryption key generated by the encryption card, and the seal bill is obtained by sealing the model encryption key and a target environment measurement value with the public key in the encryption card; an unsealing module, configured to unseal the seal bill and match the target environment metric value in the seal bill against the current target environment metric value of the system if the integrity verification passes; a first decryption module, configured to decrypt the seal bill with the private key to obtain the model encryption key if the matching succeeds; a second decryption module, configured to decrypt the model ciphertext with the model encryption key to obtain the target model; and a loading module, configured to load the target model into a memory area of the accelerator and execute reasoning in that memory area.
- 9. An electronic device, comprising: a memory for storing a computer program; and a processor for implementing the steps of the encryption card-based model loading and reasoning method of any of claims 1 to 7 when executing the computer program.
- 10. A computer-readable storage medium, characterized in that it stores a computer program which, when executed by a processor, implements the steps of the encryption card-based model loading and reasoning method of any of claims 1 to 7.
Description
Encryption card-based model loading and reasoning method, device, equipment and medium
Technical Field
The application relates to the technical fields of computer security and artificial intelligence, and in particular to an encryption card-based model loading and reasoning method, device, equipment and medium.
Background
With the spread of artificial intelligence technology, AI (artificial intelligence) reasoning integrated machines are widely used in finance, security, medical treatment and other fields. However, existing AI reasoning integrated machines have the following technical defects:
- 1. Model assets leak easily. With existing disk encryption technology, once the system has started and the disk is mounted, the model files are visible to the operating system and are easily copied and stolen by insiders or hackers.
- 2. The operating environment is not trusted. If malicious code (e.g. a rootkit) is implanted into the operating system or a driver, it may tamper with the reasoning logic or steal the input data, and conventional application-layer security software has difficulty detecting such kernel-level attacks.
- 3. Heterogeneous computing has security blind spots. Existing trusted computing technology (such as TPM) mainly focuses on measurement on the CPU side and has difficulty covering the model loading state and the security of data stored on acceleration cards such as GPUs and NPUs.
- 4. Performance bottleneck. Relying entirely on the CPU for high-strength encrypted reasoning or homomorphic encryption operations greatly increases reasoning latency and cannot meet real-time requirements.
Therefore, how to solve the above technical defects has become a technical problem to be solved by those skilled in the art.
Disclosure of Invention
The application aims to provide an encryption card-based model loading and reasoning method, device, equipment and medium, which can solve the problems of model theft from AI reasoning integrated machines in edge computing and private deployments, an untrusted operating environment, and the lack of hardware-level verification and the performance bottlenecks of heterogeneous environments.
To solve these technical problems, the application provides an encryption card-based model loading and reasoning method comprising the following steps:
- when a model loading request is received, carrying out integrity verification on a model ciphertext and a seal bill using a public key in an encryption card and a signature value, wherein the signature value is obtained by signing the model ciphertext and the seal bill with a private key in the encryption card;
- if the integrity verification passes, unsealing the seal bill and matching a target environment measurement value in the seal bill against the current target environment measurement value of the system;
- if the matching succeeds, decrypting the seal bill with the private key to obtain the model encryption key;
- decrypting the model ciphertext with the model encryption key to obtain the target model; and
- loading the target model into a memory area of the accelerator and performing reasoning in that memory area.
In some embodiments, the method further comprises: calling the encryption card to generate a model encryption key and encrypting the target model with that key to obtain the model ciphertext; extracting a target environment metric value when the system is first started, and sealing the model encryption key and the target environment metric value with the public key in the encryption card to obtain the seal bill; signing the model ciphertext and the seal bill with the private key in the encryption card to obtain the signature value; and storing the model ciphertext, the seal bill and the signature value in a local encrypted storage device.
In some embodiments, the method further comprises: receiving a random number sent by a remote device; obtaining the platform configuration register value and the hash value of the currently loaded model; digitally signing the random number, the platform configuration register value and the hash value of the currently loaded model with the private key to obtain an attestation report; and sending the attestation report to the remote device, which verifies it using the public key, an expected platform configuration register value and an expected hash value.
In some embodiments, the method further comprises: performing trusted environment measurement during system startup and application loading; and storing the trusted environment measurement result in a platform configuration register of the encryption card.
In some embodiments, the private key is stored in a physically isolated secure storage area of the encryption card, and the private key never leaves the card.
In some embodiments, further comprising
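As an added illustration (not code from the patent or its assignee), the following Python sketch walks through the packaging, loading and attestation flow of claims 1 to 4 and 7 with a software stand-in for the encryption card: HMAC-SHA256 stands in for the card's signature and sealing primitives, an HMAC counter keystream stands in for its cipher, and every key, measurement and model byte is constructed. It shows the order of checks that carries the security argument: signature over ciphertext plus seal bill first, environment metric match second, and only then release of the model key.

```python
import hashlib, hmac, json, secrets
def _stream_xor(key: bytes, data: bytes) -> bytes:
    # Toy HMAC-SHA256 counter keystream standing in for the card's cipher (not a real AEAD).
    ks = b"".join(hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

class CryptoCard:  # constructed software stand-in for the encryption card; _priv never leaves it
    def __init__(self):
        self._priv = secrets.token_bytes(32)                  # "private key" (an HMAC secret here)
        self._wrap = hashlib.sha256(b"seal" + self._priv).digest()   # card-internal sealing key
        self.pcr = bytes(32)                                  # platform configuration register
    def extend_pcr(self, measurement: bytes):                 # claim 4: boot/app measurements
        self.pcr = hashlib.sha256(self.pcr + measurement).digest()
    def metric(self) -> dict:                                 # claim 7: PCR hash + card fingerprint
        return {"pcr": self.pcr.hex(), "fingerprint": hashlib.sha256(b"fp" + self._priv).hexdigest()[:16]}
    def sign(self, data: bytes) -> bytes:                     # private-key signature stand-in
        return hmac.new(self._priv, data, hashlib.sha256).digest()
    def verify(self, data: bytes, sig: bytes) -> bool:       # public-key verification stand-in
        return hmac.compare_digest(self.sign(data), sig)
    def seal(self, model_key: bytes, metric: dict) -> bytes:  # claim 2: seal key + metric
        return json.dumps({"metric": metric, "ekey": _stream_xor(self._wrap, model_key).hex()}).encode()
    def unseal(self, bill: bytes, current: dict) -> bytes:    # key released only if metric matches
        body = json.loads(bill)
        if body["metric"] != current:
            raise PermissionError("environment metric mismatch")
        return _stream_xor(self._wrap, bytes.fromhex(body["ekey"]))

def _signed_blob(ct: bytes, bill: bytes) -> bytes:            # length prefix keeps ct|bill unambiguous
    return len(ct).to_bytes(4, "big") + ct + bill
def protect_model(card: CryptoCard, model: bytes) -> dict:    # claim 2: one-time model packaging
    key = secrets.token_bytes(32)                             # card-generated model encryption key
    ct, bill = _stream_xor(key, model), card.seal(key, card.metric())
    return {"ct": ct, "bill": bill, "sig": card.sign(_signed_blob(ct, bill))}

def load_model(card: CryptoCard, pkg: dict) -> bytes:         # claim 1: verify, match, then decrypt
    if not card.verify(_signed_blob(pkg["ct"], pkg["bill"]), pkg["sig"]):
        raise ValueError("signature check failed")
    key = card.unseal(pkg["bill"], card.metric())
    return _stream_xor(key, pkg["ct"])                        # plaintext would go to accelerator memory

def attest(card: CryptoCard, nonce: bytes, model: bytes) -> dict:  # claim 3: attestation report
    report = {"nonce": nonce.hex(), "pcr": card.pcr.hex(), "model_hash": hashlib.sha256(model).hexdigest()}
    return {"report": report, "sig": card.sign(json.dumps(report, sort_keys=True).encode())}

def verify_report(card: CryptoCard, att: dict, nonce: bytes, exp_pcr: str, exp_hash: str) -> bool:
    r = att["report"]   # remote side: card object stands in for the published public key
    return (card.verify(json.dumps(r, sort_keys=True).encode(), att["sig"])
            and r == {"nonce": nonce.hex(), "pcr": exp_pcr, "model_hash": exp_hash})
```

A ciphertext flipped by one bit fails at the signature step before any unsealing, and extending the PCR after packaging (a changed boot chain) makes unseal refuse to release the key even though the signature still verifies.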