Verifiable Private Polynomial Evaluation
نویسندگان
چکیده
Delegating the computation of a polynomial to a server in a verifiable way is challenging. An even more challenging problem is ensuring that this polynomial remains hidden to clients who are able to query such a server. In this paper, we formally define the notion of Private Polynomial Evaluation (PPE). Our main contribution is to design a rigorous security model along with relations between the different security properties. We define polynomial protection (PP), proof unforgeability (UNF), and indistinguishability against chosen function attack (IND-CFA), which formalizes the resistance of a PPE against attackers trying to guess which polynomial is used among two polynomials of their choice. As a second contribution, we give a cryptanalysis of two PPE schemes of the literature. Finally, we design a PPE scheme called PIPE and we prove that it is PP-, UNFand IND-CFA-secure under the decisional Diffie-Hellman assumption in the random oracle model.
منابع مشابه
Private Outsourcing of Polynomial Evaluation and Matrix Multiplication Using Multilinear Maps
Verifiable computation (VC) allows a computationally weak client to outsource the evaluation of a function on many inputs to a powerful but untrusted server. The client invests a large amount of off-line computation and gives an encoding of its function to the server. The server returns both an evaluation of the function on the client’s input and a proof such that the client can verify the eval...
متن کاملVerifiable multi-secret sharing based on LFSR sequences
In verifiable multi-secret sharing schemes (VMSSs), many secrets can be shared but only one share is kept by each user and this share is verifiable by others. In this paper, we propose two secure, efficient, and verifiable (t, n) multi-secret sharing schemes, namely Scheme-I and Scheme-II. Scheme-I is based on the Lagrange interpolating polynomial and the LFSR-based public key cryptosystem. The...
متن کاملApplications of Polynomial Properties to Verifiable Delegation of Computation and Electronic Voting
This paper presents some proposals of protocols for two types of schemes such as verifiable delegation of computation and remote electronic voting, based on polynomial properties. Our protocols for verifiable delegation of computation are aimed to the efficient evaluation of polynomials, working on schemes where the polynomial and/or the input are kept secret to the server. Our proposal for rem...
متن کاملVerifiable Delegation of Polynomials
Verifiable computation allows a computationally weak client to outsource evaluation of a function on many inputs to a powerful but untrusted server. The client invests a large amount of off-line computation in an amortized manner to obtain an encoding of its function which is then given to the server. The server returns both the evaluation result of the function on the client’s input and a proo...
متن کاملNon-Interactive Verifiable Secret Sharing for Monotone Circuits
We propose a computationally secure and non-interactive verifiable secret sharing scheme that can be efficiently constructed from any monotone Boolean circuit. By non-interactive we mean that the dealer needs to be active only once, where he posts a public message as well as a private message to each shareholder. In the random oracle model, we can even avoid interaction between shareholders. By...
متن کامل