Skip to main content
Book cover

Theory of Cryptography Conference

TCC 2013: Theory of Cryptography pp 222–242Cite as

Signatures of Correct Computation

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNSC,volume 7785)

Abstract

We introduce Signatures of Correct Computation (SCC), a new model for verifying dynamic computations in cloud settings. In the SCC model, a trusted source outsources a function f to an untrusted server, along with a public key for that function (to be used during verification). The server can then produce a succinct signature σ vouching for the correctness of the computation of f, i.e., that some result v is indeed the correct outcome of the function f evaluated on some point a. There are two crucial performance properties that we want to guarantee in an SCC construction: (1) verifying the signature should take asymptotically less time than evaluating the function f; and (2) the public key should be efficiently updated whenever the function changes.

We construct SCC schemes (satisfying the above two properties) supporting expressive manipulations over multivariate polynomials, such as polynomial evaluation and differentiation. Our constructions are adaptively secure in the random oracle model and achieve optimal updates, i.e., the function’s public key can be updated in time proportional to the number of updated coefficients, without performing a linear-time computation (in the size of the polynomial).

We also show that signatures of correct computation imply Publicly Verifiable Computation (PVC), a model recently introduced in several concurrent and independent works. Roughly speaking, in the SCC model, any client can verify the signature σ and be convinced of some computation result, whereas in the PVC model only the client that issued a query (or anyone who trusts this client) can verify that the server returned a valid signature (proof) for the answer to the query. Our techniques can be readily adapted to construct PVC schemes with adaptive security, efficient updates and without the random oracle model.

Keywords

  • Random Oracle
  • Correct Computation
  • Random Oracle Model
  • Polynomial Evaluation
  • Algorithm Verify

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Download conference paper PDF

References

  1. Applebaum, B., Ishai, Y., Kushilevitz, E.: From Secrecy to Soundness: Efficient Verification via Secure Computation. In: Abramsky, S., Gavoille, C., Kirchner, C., Meyer auf der Heide, F., Spirakis, P.G. (eds.) ICALP 2010. LNCS, vol. 6198, pp. 152–163. Springer, Heidelberg (2010)

    CrossRef  Google Scholar 

  2. Atallah, M.J., Cho, Y., Kundu, A.: Efficient data authentication in an environment of untrusted third-party distributors. In: ICDE, pp. 696–704 (2008)

    Google Scholar 

  3. Benabbas, S., Gennaro, R., Vahlis, Y.: Verifiable Delegation of Computation over Large Datasets. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 111–131. Springer, Heidelberg (2011)

    CrossRef  Google Scholar 

  4. Bitansky, N., Canetti, R., Chiesa, A., Tromer, E.: From extractable collision resistance to succinct non-interactive arguments of knowledge, and back again. In: ITCS, pp. 326–349 (2012)

    Google Scholar 

  5. Bitansky, N., Canetti, R., Chiesa, A., Tromer, E.: Recursive composition and bootstrapping for snarks and proof-carrying data. IACR Cryptology ePrint Archive 2012:95 (2012)

    Google Scholar 

  6. Boneh, D., Boyen, X.: Short signatures without random oracles and the SDH assumption in bilinear groups. J. Cryptology 21(2), 149–177 (2008)

    MathSciNet  CrossRef  MATH  Google Scholar 

  7. Boneh, D., Boyen, X.: Efficient selective identity-based encryption without random oracles. J. Cryptology 24(4), 659–693 (2011)

    MathSciNet  CrossRef  MATH  Google Scholar 

  8. Boneh, D., Waters, B.: Conjunctive, Subset, and Range Queries on Encrypted Data. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 535–554. Springer, Heidelberg (2007)

    CrossRef  Google Scholar 

  9. Canetti, R., Riva, B., Rothblum, G.N.: Two 1-round protocols for delegation of computation. IACR Cryptology ePrint Archive 2011:518 (2011)

    Google Scholar 

  10. Chung, K.-M., Kalai, Y., Vadhan, S.: Improved Delegation of Computation Using Fully Homomorphic Encryption. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 483–501. Springer, Heidelberg (2010)

    CrossRef  Google Scholar 

  11. Damgård, I.B.: Towards Practical Public Key Systems Secure against Chosen Ciphertext Attacks. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 445–456. Springer, Heidelberg (1992)

    Google Scholar 

  12. Fiore, D., Gennaro, R.: Improved publicly verifiable delegation of large polynomials and matrix computations. IACR Cryptology ePrint Archive 2012:434 (2012)

    Google Scholar 

  13. Fiore, D., Gennaro, R.: Publicly verifiable delegation of large polynomials and matrix computations, with applications. In: CCS, pp. 501–512 (2012)

    Google Scholar 

  14. Gennaro, R., Gentry, C., Parno, B.: Non-interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 465–482. Springer, Heidelberg (2010)

    CrossRef  Google Scholar 

  15. Gennaro, R., Gentry, C., Parno, B., Raykova, M.: Quadratic span programs and succinct NIZKs without PCPs. IACR Cryptology ePrint Archive 2012:215 (2012)

    Google Scholar 

  16. Gentry, C.: Fully homomorphic encryption using ideal lattices. In: STOC, pp. 169–178 (2009)

    Google Scholar 

  17. Gentry, C., Wichs, D.: Separating succinct non-interactive arguments from all falsifiable assumptions. In: STOC, pp. 99–108 (2011)

    Google Scholar 

  18. Goodrich, M.T., Tamassia, R., Schwerin, A.: Implementation of an authenticated dictionary with skip lists and commutative hashing. In: DISCEX II, pp. 68–82 (2001)

    Google Scholar 

  19. Goodrich, M.T., Tamassia, R., Triandopoulos, N.: Super-Efficient Verification of Dynamic Outsourced Databases. In: Malkin, T. (ed.) CT-RSA 2008. LNCS, vol. 4964, pp. 407–424. Springer, Heidelberg (2008)

    CrossRef  Google Scholar 

  20. Goodrich, M.T., Tamassia, R., Triandopoulos, N.: Efficient authenticated data structures for graph connectivity and geometric search problems. Algorithmica 60(3), 505–552 (2011)

    MathSciNet  CrossRef  MATH  Google Scholar 

  21. Goyal, V., Jain, A., Pandey, O., Sahai, A.: Bounded Ciphertext Policy Attribute Based Encryption. In: Aceto, L., Damgård, I., Goldberg, L.A., Halldórsson, M.M., Ingólfsdóttir, A., Walukiewicz, I. (eds.) ICALP 2008, Part II. LNCS, vol. 5126, pp. 579–591. Springer, Heidelberg (2008)

    CrossRef  Google Scholar 

  22. Groth, J.: Short Non-interactive Zero-Knowledge Proofs. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 341–358. Springer, Heidelberg (2010)

    CrossRef  Google Scholar 

  23. Kate, A., Zaverucha, G.M., Goldberg, I.: Constant-Size Commitments to Polynomials and Their Applications. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 177–194. Springer, Heidelberg (2010)

    CrossRef  Google Scholar 

  24. Lewko, A., Waters, B.: New Proof Methods for Attribute-Based Encryption: Achieving Full Security through Selective Techniques. In: Safavi-Naini, R. (ed.) CRYPTO 2012. LNCS, vol. 7417, pp. 180–198. Springer, Heidelberg (2012)

    Google Scholar 

  25. Yiu, M.L., Lin, Y., Mouratidis, K.: Efficient verification of shortest path search via authenticated hints. In: ICDE, pp. 237–248 (2010)

    Google Scholar 

  26. Merkle, R.C.: A Certified Digital Signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, Heidelberg (1990)

    Google Scholar 

  27. Micali, S.: Computationally sound proofs. SIAM J. Comput. 30(4), 1253–1298 (2000)

    MathSciNet  CrossRef  MATH  Google Scholar 

  28. Papamanthou, C., Shi, E., Tamassia, R.: Signatures of correct computation. IACR Cryptology ePrint Archive 2011: 587 (2011)

    Google Scholar 

  29. Papamanthou, C., Tamassia, R., Triandopoulos, N.: Authenticated hash tables. In: CCS, pp. 437–448 (2008)

    Google Scholar 

  30. Papamanthou, C., Tamassia, R., Triandopoulos, N.: Optimal Verification of Operations on Dynamic Sets. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 91–110. Springer, Heidelberg (2011)

    CrossRef  Google Scholar 

  31. Parno, B., Raykova, M., Vaikuntanathan, V.: How to Delegate and Verify in Public: Verifiable Computation from Attribute-Based Encryption. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 422–439. Springer, Heidelberg (2012)

    CrossRef  Google Scholar 

  32. Sahai, A., Waters, B.: Fuzzy Identity-Based Encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005)

    CrossRef  Google Scholar 

  33. Tamassia, R.: Authenticated Data Structures. In: Di Battista, G., Zwick, U. (eds.) ESA 2003. LNCS, vol. 2832, pp. 2–5. Springer, Heidelberg (2003)

    CrossRef  Google Scholar 

  34. Tamassia, R., Triandopoulos, N.: Efficient Content Authentication in Peer-to-Peer Networks. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521, pp. 354–372. Springer, Heidelberg (2007)

    CrossRef  Google Scholar 

  35. Tamassia, R., Triandopoulos, N.: Certification and authentication of data structures. In: Proc. Alberto Mendelzon Workshop on Foundations of Data Management (2010)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. UC Berkeley, USA

    Charalampos Papamanthou

  2. University of Maryland, USA

    Elaine Shi

  3. Brown University, USA

    Roberto Tamassia

Authors
  1. Charalampos Papamanthou
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Elaine Shi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Roberto Tamassia
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. UCLA, 3731E Boelter Hall, 90095, Los Angeles, CA, USA

    Amit Sahai

Rights and permissions

Reprints and Permissions

Copyright information

© 2013 International Association for Cryptologic Research

About this paper

Cite this paper

Papamanthou, C., Shi, E., Tamassia, R. (2013). Signatures of Correct Computation. In: Sahai, A. (eds) Theory of Cryptography. TCC 2013. Lecture Notes in Computer Science, vol 7785. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-36594-2_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-36594-2_13

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-36593-5

  • Online ISBN: 978-3-642-36594-2

  • eBook Packages: Computer ScienceComputer Science (R0)