Verifiable Computation on Outsourced Encrypted Data
On one hand, homomorphic encryption allows a cloud server to perform computation on outsourced encrypted data but provides no verifiability that the computation is correct. On the other hand, homomorphic authenticator, such as homomorphic signature with public verifiability and homomorphic MAC with private verifiability, guarantees authenticity of computation over outsourced data but does not provide data confidentiality. Since cloud servers are usually operated by third-party providers which are almost certain to be outside the trust domain of cloud users, neither homomorphic encryption nor homomorphic authenticator suffices for verifiable computation on outsourced encrypted data in the cloud. In this paper, we propose verifiable homomorphic encryption (VHE), which enables verifiable computation on outsourced encrypted data.
We first introduce a new cryptographic primitive called homomorphic encrypted authenticator (HEA), which may be of independent interest. Informally, HEA can be viewed as a homomorphic authenticator in which the authenticator itself does not leak any information about the message it authenticates. Next, we show that the fully homomorphic MAC scheme, proposed by Gennaro and Wichs recently, is a fully HEA with weak unforgeability in the sense that an adversary is not allowed to make verification queries. We then propose a linearly HEA which can tolerate any number of malicious verification queries, i.e., it achieves (strong) unforgeability. Finally, we define VHE formally, and give a generic construction of VHE based on homomorphic encryption and HEA. Instantiating the generic construction, we derive a fully VHE with weak verifiability as well as a linearly VHE with (strong) verifiability.
KeywordsCloud Computing Outsourced Encrypted Data Verifiable Homomorphic Encryption
Unable to display preview. Download preview PDF.
- 1.Gentry, C.: Fully homomorphic encryption using ideal lattices. In: STOC, pp. 169–178 (2009)Google Scholar
- 15.Backes, M., Fiore, D., Reischuk, R.M.: Verifiable delegation of computation on outsourced data. In: ACM Conference on Computer and Communications Security, pp. 863–874 (2013)Google Scholar
- 16.Bitansky, N., Canetti, R., Chiesa, A., Tromer, E.: From extractable collision resistance to succinct non-interactive arguments of knowledge, and back again. In: ITCS, pp. 326–349 (2012)Google Scholar
- 21.Goldwasser, S., Kalai, Y.T., Popa, R.A., Vaikuntanathan, V., Zeldovich, N.: Succinct functional encryption and applications: Reusable garbled circuits and beyond. IACR Cryptology ePrint Archive 2012, 733 (2012)Google Scholar
- 22.Gennaro, R., Pastro, V.: Verifiable computation over encrypted data in the presence of verification queries. Cryptology ePrint Archive, Report 2014/202 (2014), http://eprint.iacr.org/
- 24.Fiore, D., Gennaro, R.: Publicly verifiable delegation of large polynomials and matrix computations, with applications. In: ACM Conference on Computer and Communications Security, pp. 501–512 (2012)Google Scholar
- 25.Catalano, D., Fiore, D., Gennaro, R., Vamvourellis, K.: Algebraic (trapdoor) one way functions and their applications. IACR Cryptology ePrint Archive 2012, 434 (2012)Google Scholar
- 37.Brakerski, Z., Vaikuntanathan, V.: Efficient fully homomorphic encryption from (standard) lwe. In: FOCS, pp. 97–106 (2011)Google Scholar
- 39.Brakerski, Z., Gentry, C., Vaikuntanathan, V.: (leveled) fully homomorphic encryption without bootstrapping. In: ITCS, pp. 309–325 (2012)Google Scholar
- 43.Ateniese, G., Burns, R.C., Curtmola, R., Herring, J., Kissner, L., Peterson, Z.N.J., Song, D.X.: Provable data possession at untrusted stores. In: ACM Conference on Computer and Communications Security, pp. 598–609 (2007)Google Scholar
- 44.Juels, A., Kaliski Jr., B.S.: Pors: proofs of retrievability for large files. In: ACM Conference on Computer and Communications Security, pp. 584–597 (2007)Google Scholar
- 49.Catalano, D., Marcedone, A., Puglisi, O.: Linearly homomorphic structure preserving signatures: New methodologies and applications. IACR Cryptology ePrint Archive 2013, 801 (2013)Google Scholar
- 50.Joo, C., Yun, A.: Homomorphic authenticated encryption secure against chosen-ciphertext attack. IACR Cryptology ePrint Archive 2013, 726 (2013)Google Scholar