Improved Delegation of Computation Using Fully Homomorphic Encryption

  • Kai-Min Chung
  • Yael Kalai
  • Salil Vadhan
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6223)


Following Gennaro, Gentry, and Parno (Cryptology ePrint Archive 2009/547), we use fully homomorphic encryption to design improved schemes for delegating computation. In such schemes, a delegator outsources the computation of a function F on many, dynamically chosen inputs x i to a worker in such a way that it is infeasible for the worker to make the delegator accept a result other than F(x i ). The “online stage” of the Gennaro et al. scheme is very efficient: the parties exchange two messages, the delegator runs in time poly(logT), and the worker runs in time poly(T), where T is the time complexity of F. However, the “offline stage” (which depends on the function F but not the inputs to be delegated) is inefficient: the delegator runs in time poly(T) and generates a public key of length poly(T) that needs to be accessed by the worker during the online stage.

Our first construction eliminates the large public key from the Gennaro et al. scheme. The delegator still invests poly(T) time in the offline stage, but does not need to communicate or publish anything. Our second construction reduces the work of the delegator in the offline stage to poly(logT) at the price of a 4-message (offline) interaction with a poly(T)-time worker (which need not be the same as the workers used in the online stage). Finally, we describe a “pipelined” implementation of the second construction that avoids the need to re-run the offline construction after errors are detected (assuming errors are not too frequent).


verifiable computation outsourcing computation worst-case/average-case reductions computationally sound proofs universal argument systems 


  1. [And03]
    Anderson, D.P.: Public computing: Reconnecting people to science. In: Conference on Shared Knowledge and the Web (2003)Google Scholar
  2. [And04]
    Anderson, D.P.: Boinc: A system for public-resource computing and storage. In: GRID, pp. 4–20 (2004)Google Scholar
  3. [Bab85]
    Babai, L.: Trading group theory for randomness. In: STOC, pp. 421–429 (1985)Google Scholar
  4. [Bar01]
    Barak, B.: How to go beyond the black-box simulation barrier. In: FOCS, pp. 106–115 (2001)Google Scholar
  5. [BCC88]
    Brassard, G., Chaum, D., Crépeau, C.: Minimum disclosure proofs of knowledge. Journal of Computer and System Sciences 37(2), 156–189 (1988)zbMATHCrossRefMathSciNetGoogle Scholar
  6. [BFL91]
    Babai, L., Fortnow, L., Lund, C.: Non-deterministic exponential time has two-prover interactive protocols. Computational Complexity 1, 3–40 (1991)zbMATHCrossRefMathSciNetGoogle Scholar
  7. [BFLS91]
    Babai, L., Fortnow, L., Levin, L.A., Szegedy, M.: Checking computations in polylogarithmic time. In: STOC, pp. 21–31 (1991)Google Scholar
  8. [BG02]
    Barak, B., Goldreich, O.: Universal arguments and their applications. In: IEEE Conference on Computational Complexity, pp. 194–203 (2002)Google Scholar
  9. [CGH04]
    Canetti, R., Goldreich, O., Halevi, S.: The random oracle methodology, revisited. Journal of the ACM 51(4), 557–594 (2004)CrossRefMathSciNetGoogle Scholar
  10. [CKV10]
    Chung, K.-M., Kalai, Y., Vadhan, S.: Improved delegation of computation using fully homomorphic encryption. Cryptology ePrint Archive, Report 2010/241 (2010),
  11. [FL93]
    Fortnow, L., Lund, C.: Interactive proof systems and alternating time-space complexity. Theoretical Computer Science 113(1), 55–73 (1993)zbMATHCrossRefMathSciNetGoogle Scholar
  12. [FS86]
    Fiat, A., Shamir, A.: How to prove yourself: Practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)Google Scholar
  13. [Gen09]
    Gentry, C.: Fully homomorphic encryption using ideal lattices. In: STOC, pp. 169–178 (2009)Google Scholar
  14. [GGP09]
    Gennaro, R., Gentry, C., Parno, B.: Non-interactive verifiable computing: Outsourcing computation to untrusted workers. Cryptology ePrint Archive, Report 2009/547 (2009),
  15. [GK03]
    Goldwasser, S., Kalai, Y.T.: On the (in)security of the fiat-shamir paradigm, pp. 102–113 (2003)Google Scholar
  16. [GKR08]
    Goldwasser, S., Kalai, Y.T., Rothblum, G.N.: Delegating computation: interactive proofs for muggles. In: STOC, pp. 113–122 (2008)Google Scholar
  17. [GMR89]
    Goldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof-systems. SIAM Journal on Computing 18(1), 186–208 (1989)zbMATHCrossRefMathSciNetGoogle Scholar
  18. [IKO05]
    Ishai, Y., Kushilevitz, E., Ostrovsky, R.: Sufficient conditions for collision-resistant hashing. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 445–456. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  19. [Kil92]
    Kilian, J.: A note on efficient zero-knowledge proofs and arguments (extended abstract). In: STOC, pp. 723–732 (1992)Google Scholar
  20. [KR09]
    Kalai, Y.T., Raz, R.: Probabilistically checkable arguments. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 143–159. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  21. [LFKN92]
    Lund, C., Fortnow, L., Karloff, H.J., Nisan, N.: Algebraic methods for interactive proof systems. J. ACM 39(4), 859–868 (1992)zbMATHCrossRefMathSciNetGoogle Scholar
  22. [Mer07]
    The great internet mersenne prime search, project webpag (2007),
  23. [Mic94]
    Micali, S.: Cs proofs (extended abstracts). In: FOCS, pp. 436–453 (1994)Google Scholar
  24. [Mic00]
    Micali, S.: Computationally sound proofs. SIAM J. Comput. 30(4), 1253–1298 (2000)zbMATHCrossRefMathSciNetGoogle Scholar
  25. [Sha92]
    Shamir, A.: IP = PSPACE. Journal of the ACM 39(4), 869–877 (1992)zbMATHCrossRefMathSciNetGoogle Scholar
  26. [vAMM+08]
    von Ahn, L., Maurer, B., McMillen, C., Abraham, D., Blum, M.: reCAPTCHA: Human-Based Character Recognition via Web Security Measures. Science 321(5895), 1465–1468 (2008)CrossRefMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Kai-Min Chung
    • 1
  • Yael Kalai
    • 2
  • Salil Vadhan
    • 1
  1. 1.School of Engineering & Applied SciencesHarvard UniversityCambridgeUSA
  2. 2.Microsoft Research New EnglandCambridgeUSA

Personalised recommendations