DOI: 10.1145/2465351.2465359
Research article, EuroSys conference proceedings

Resolving the conflict between generality and plausibility in verified computation

Published: 15 April 2013

Abstract

The area of proof-based verified computation (outsourced computation built atop probabilistically checkable proofs and cryptographic machinery) has lately seen renewed interest. Although recent work has made great strides in reducing the overhead of naive applications of the theory, these schemes still cannot be considered practical. A core issue is that the work for the server is immense, in general; it is practical only for hand-compiled computations that can be expressed in special forms.
This paper addresses that problem. Provided one is willing to batch verification, we develop a protocol that achieves the efficiency of the best manually constructed protocols in the literature yet applies to most computations. We show that Quadratic Arithmetic Programs, a new formalism for representing computations efficiently, can yield a particularly efficient PCP that integrates easily into the core protocols, resulting in a server whose work is roughly linear in the running time of the computation. We implement this protocol in the context of a system, called Zaatar, that includes a compiler and a GPU implementation. Zaatar is almost usable for real problems---without special-purpose tailoring. We argue that many (but not all) of the next research questions in verified computation are questions in secure systems.
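The abstract names Quadratic Arithmetic Programs as the formalism that lets the server's work stay roughly linear in the computation. The block below is an added illustration, not code from the paper or the Zaatar project: it takes a constructed rank-1 constraint system (out = x^3 + x + 5, written as three constraints of the form (linear form) * (linear form) = (linear form)), interpolates one polynomial per variable for each of the three positions, and performs the QAP check that p(x) = A(x)B(x) - C(x) is divisible by the target polynomial t(x). The prime modulus, root choice, variable layout and witness values are all constructed for the example; a real system uses a much larger field and hides the divisibility check inside its cryptographic machinery.

```python
"""Toy Quadratic Arithmetic Program (QAP) check over a small prime field.

Added illustration; not code from the Zaatar paper or project.  The
constraint system, the modulus and the witness values are constructed here.
"""
from functools import reduce

P = 101  # constructed: tiny prime field for readability; real systems use large primes


def inv(a):
    """Field inverse via Fermat's little theorem (P is prime)."""
    return pow(a % P, P - 2, P)


# Polynomials are coefficient lists, lowest degree first, reduced mod P.
def poly_add(f, g):
    n = max(len(f), len(g))
    f = f + [0] * (n - len(f))
    g = g + [0] * (n - len(g))
    return [(a + b) % P for a, b in zip(f, g)]


def poly_scale(f, k):
    return [(a * k) % P for a in f]


def poly_mul(f, g):
    out = [0] * (len(f) + len(g) - 1)
    for i, a in enumerate(f):
        for j, b in enumerate(g):
            out[i + j] = (out[i + j] + a * b) % P
    return out


def poly_divmod(f, g):
    """Schoolbook long division of f by g; returns (quotient, remainder)."""
    f = f[:]
    q = [0] * max(1, len(f) - len(g) + 1)
    lead_inv = inv(g[-1])
    for i in range(len(f) - len(g), -1, -1):
        coef = (f[i + len(g) - 1] * lead_inv) % P
        q[i] = coef
        for j, b in enumerate(g):
            f[i + j] = (f[i + j] - coef * b) % P
    return q, (f[:len(g) - 1] or [0])


def interpolate(points):
    """Lagrange interpolation: the polynomial of degree < len(points) through (x, y) pairs."""
    result = [0]
    for i, (xi, yi) in enumerate(points):
        term = [yi % P]
        for j, (xj, _) in enumerate(points):
            if i != j:
                term = poly_mul(term, poly_scale([-xj % P, 1], inv(xi - xj)))  # (x - xj)/(xi - xj)
        result = poly_add(result, term)
    return result


# Constructed example over z = (one, x, v, w, out):
#   x * x = v,   v * x = w,   (w + x + 5*one) * one = out    =>  out = x^3 + x + 5
# Each constraint is (A row, B row, C row): coefficients of each variable in the linear forms.
CONSTRAINTS = [
    ([0, 1, 0, 0, 0], [0, 1, 0, 0, 0], [0, 0, 1, 0, 0]),
    ([0, 0, 1, 0, 0], [0, 1, 0, 0, 0], [0, 0, 0, 1, 0]),
    ([5, 1, 0, 1, 0], [1, 0, 0, 0, 0], [0, 0, 0, 0, 1]),
]


def build_qap(constraints):
    """Per-variable polynomials A_i, B_i, C_i with A_i(r_j) = coefficient of variable i
    in constraint j's A row (likewise B, C), plus the target t(x) = prod (x - r_j)."""
    roots = list(range(1, len(constraints) + 1))  # constructed: one distinct root per constraint
    n_vars = len(constraints[0][0])
    A, B, C = [], [], []
    for i in range(n_vars):
        A.append(interpolate([(r, con[0][i]) for r, con in zip(roots, constraints)]))
        B.append(interpolate([(r, con[1][i]) for r, con in zip(roots, constraints)]))
        C.append(interpolate([(r, con[2][i]) for r, con in zip(roots, constraints)]))
    t = reduce(poly_mul, ([-r % P, 1] for r in roots), [1])
    return A, B, C, t


def qap_satisfied(qap, z):
    """QAP check: p(x) = A(x)B(x) - C(x) with A(x) = sum z_i A_i(x) (likewise B, C)
    is divisible by t(x) exactly when every constraint holds on z."""
    A, B, C, t = qap
    combine = lambda polys: reduce(poly_add, (poly_scale(f, zi) for f, zi in zip(polys, z)), [0])
    a, b, c = combine(A), combine(B), combine(C)
    p = poly_add(poly_mul(a, b), poly_scale(c, P - 1))  # A*B - C
    _, rem = poly_divmod(p, t)
    return all(coef == 0 for coef in rem)


def witness(x):
    """Honest evaluation: the intermediate values a prover would commit to for input x."""
    v = (x * x) % P
    w = (v * x) % P
    return [1, x, v, w, (w + x + 5) % P]


if __name__ == "__main__":
    qap = build_qap(CONSTRAINTS)
    print(qap_satisfied(qap, witness(3)))  # correct witness: divisible
    bad = witness(3)
    bad[-1] = (bad[-1] + 1) % P            # tampered output: remainder is non-zero
    print(qap_satisfied(qap, bad))
```

The point the abstract makes is visible in the shape of the check: the prover's extra work beyond evaluating the computation is polynomial arithmetic whose size is proportional to the number of constraints, rather than the quadratic blow-up of earlier PCP encodings.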

Published In

EuroSys '13: Proceedings of the 8th ACM European Conference on Computer Systems
April 2013
401 pages
ISBN:9781450319942
DOI:10.1145/2465351
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Conference

EuroSys '13
Sponsor:
EuroSys '13: Eighth Eurosys Conference 2013
April 15 - 17, 2013
Prague, Czech Republic

Acceptance Rates

EuroSys '13 Paper Acceptance Rate 28 of 143 submissions, 20%;
Overall Acceptance Rate 241 of 1,308 submissions, 18%
