Zero-knowledge using garbled circuits: how to prove non-algebraic statements efficiently
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Verifiable delegation of computation on outsourced data
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Smart meter aggregation via secret-sharing
Proceedings of the first ACM workshop on Smart energy grid security
Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles
ACM SIGOPS 24th Symposium on Operating Systems Principles
Lessons learned with PCF: scaling secure computation
Proceedings of the First ACM workshop on Language support for privacy-enhancing technologies
Pinocchio coin: building zerocoin from a succinct pairing-based proof system
Proceedings of the First ACM workshop on Language support for privacy-enhancing technologies
Verifying computations with state
Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles
Verifying the correctness of remote executions: from wild implausibility to near practicality
Proceedings of the 9th Workshop on Hot Topics in Dependable Systems
Towards privacy-preserving fault detection
Proceedings of the 9th Workshop on Hot Topics in Dependable Systems
ZQL: a compiler for privacy-preserving data processing
SEC'13 Proceedings of the 22nd USENIX conference on Security
Authenticated data structures, generically
Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
| Hi-index | 0.00 |
To instill greater confidence in computations outsourced to the cloud, clients should be able to verify the correctness of the results returned. To this end, we introduce Pinocchio, a built system for efficiently verifying general computations while relying only on cryptographic assumptions. With Pinocchio, the client creates a public evaluation key to describe her computation; this setup is proportional to evaluating the computation once. The worker then evaluates the computation on a particular input and uses the evaluation key to produce a proof of correctness. The proof is only 288 bytes, regardless of the computation performed or the size of the inputs and outputs. Anyone can use a public verification key to check the proof. Crucially, our evaluation on seven applications demonstrates that Pinocchio is efficient in practice too. Pinocchio's verification time is typically 10ms: 5-7 orders of magnitude less than previous work; indeed Pinocchio is the first general-purpose system to demonstrate verification cheaper than native execution (for some apps). Pinocchio also reduces the worker's proof effort by an additional 19-60x. As an additional feature, Pinocchio generalizes to zero-knowledge proofs at a negligible cost over the base protocol. Finally, to aid development, Pinocchio provides an end-to-end toolchain that compiles a subset of C into programs that implement the verifiable computation protocol.