Share on Facebook Tweet on Twitter Share on LinkedIn Share by email
Non-Interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers

Rosario Gennaro, Craig Gentry, and Bryan Parno

Abstract

We introduce and formalize the notion of Verifiable Computation, which enables a computationally weak client to "outsource" the computation of a function F on various dynamically-chosen inputs x1,...,xk to one or more workers. The workers return the result of the function evaluation, e.g., yi=F(xi), as well as a proof that the computation of F was carried out correctly on the given value xi. The primary constraint is that the verification of the proof should require substantially less computational effort than computing F(xi) from scratch.

We present a protocol that allows the worker to return a computationally-sound, non-interactive proof that can be verified in O(m * poly(lambda)) time, where m is the bit-length of the output of F, and lambda is a security parameter. The protocol requires a one-time pre-processing stage by the client which takes O(|C| * poly(lambda)) time, where C is the smallest known Boolean circuit computing F. Unlike previous work in this area, our scheme also provides (at no additional cost) input and output privacy for the client, meaning that the workers do not learn any information about the xi or yi values.

Details

Publication typeInproceedings
Published inProceedings of the International Cryptology Conference (CRYPTO)
PublisherSpringer Verlag
> Publications > Non-Interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers