Hardware‑Software Integration Accelerates Privacy Computing: Technical Overview
The article explains how combining hardware and software solutions can address the data‑lifecycle security and cryptographic performance challenges of privacy computing, describing the underlying technology stack, acceleration techniques, and the integrated privacy‑computing appliance released by Ant Group.
Privacy computing has become a hot topic in 2021, marking the first year of large‑scale commercial deployment. At a recent "Lu Jiazui" magazine forum, Qin Cheng‑gang, Ant Group's Director of Trusted Native Technology, highlighted that the integration of hardware and software is essential for solving data‑lifecycle security and cryptographic compute‑performance problems, which are critical for the mass adoption of privacy‑computing technologies.
He emphasized that privacy computing must protect data throughout its entire lifecycle, not only during computation. This requires confidentiality and integrity guarantees at every stage—collection, transmission, storage, and processing—often relying on national cryptographic standards (GuoMi) and trusted execution environments (TEE).
Recent high‑profile data‑leak incidents (2020‑2021) demonstrate the difficulty of achieving uniform security across organizations, underscoring the need for a comprehensive, multi‑layered protection framework.
From a performance perspective, cryptographic algorithms used in privacy computing (e.g., fully homomorphic encryption) are orders of magnitude slower than plaintext operations—up to 10,000× slower on general‑purpose CPUs—making acceleration a prerequisite for practical deployment. Communication overhead (ciphertext expansion, increased round trips) further limits scalability.
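To make the ciphertext-expansion cost concrete, here is an added Python example (not from the article or from Ant Group) using Paillier, a partially homomorphic scheme. The key is a constructed toy built from two Mersenne primes and all function names are illustrative; real deployments use a modulus of 2048 bits or more.

```python
import math
import secrets

# Constructed toy key: two Mersenne primes. Far too small and too structured
# for real use; it only keeps the example fast and self-contained.
P, Q = 2**127 - 1, 2**89 - 1
N, N2 = P * Q, (P * Q) ** 2
LAM = (P - 1) * (Q - 1) // math.gcd(P - 1, Q - 1)   # lcm(p-1, q-1)
MU = pow(LAM, -1, N)                                # valid because g = n + 1


def encrypt(m: int) -> int:
    """c = (1 + m*n) * r^n mod n^2, with fresh randomness r per ciphertext."""
    if not 0 <= m < N:
        raise ValueError("plaintext must be in [0, n)")
    while True:
        r = secrets.randbelow(N - 1) + 1
        if math.gcd(r, N) == 1:
            break
    return (1 + m * N) * pow(r, N, N2) % N2


def decrypt(c: int) -> int:
    """m = L(c^lam mod n^2) * mu mod n, where L(x) = (x - 1) // n."""
    return (pow(c, LAM, N2) - 1) // N * MU % N


def add_encrypted(c1: int, c2: int) -> int:
    """Homomorphic addition: one plaintext '+' costs a multiply mod n^2."""
    return c1 * c2 % N2


def ciphertext_bytes(modulus_bits: int) -> int:
    """A Paillier ciphertext lives mod n^2, so it is twice the modulus width."""
    return (2 * modulus_bits + 7) // 8


def expansion(plaintext_bytes: int, modulus_bits: int) -> float:
    """Bytes on the wire per byte of plaintext for one encrypted value."""
    return ciphertext_bytes(modulus_bits) / plaintext_bytes


if __name__ == "__main__":
    a, b = 1200, 345                      # constructed sample values
    print("decrypted sum:", decrypt(add_encrypted(encrypt(a), encrypt(b))))
    print("toy key, 8-byte value:", expansion(8, N.bit_length()), "x")
    print("2048-bit key, 8-byte value:", expansion(8, 2048), "x")
```

Every encrypted 8-byte integer occupies a full ciphertext slot regardless of its magnitude, which is why the expansion factor grows with the key size rather than with the data.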
To address these bottlenecks, Ant Group has built a hardware‑software ecosystem called Trust Native, which includes self‑designed TPM chips, cryptographic accelerators, DPUs, and TEE‑enabled processors. These components provide integrity protection, isolation via secure containers, and transparent encryption, forming a defense‑in‑depth stack.
Specific acceleration strategies involve dedicated ASIC, GPU, and FPGA solutions for algorithms such as ECDH and fully homomorphic encryption, achieving speed‑ups of 20‑plus times for ECDH and tens of times for homomorphic workloads. Benchmarking efforts are underway to establish industry‑wide performance standards.
The integrated solution culminates in a privacy‑computing appliance that bundles the hardware stack, open‑source cryptographic libraries (including SSL/TLS, FHE/PHE/MPC), TEE runtimes (e.g., Occlum, SofaEnclave), and a container‑orchestration platform with RDMA support for intra‑datacenter acceleration.
The appliance, announced at the 2021 Wuzhen Internet Conference, leverages Ant's proprietary TPM, ASIC‑based cryptographic cards (supporting SM2/SM3/SM4), and dynamic measurement capabilities to detect runtime tampering, thereby enhancing both security and performance.
In summary, data security and compute acceleration are the two primary technical challenges in privacy computing, and a tightly coupled hardware‑software approach can effectively resolve them, lowering development barriers and accelerating industry adoption.
AntTech
Technology is the core driver of Ant's future creation.