Verifiable Cloud Computing

KANG Yu

Verifiable Computation

• Weak clients• Computationally powerful cloud• Goal:– Verify the computing result

Non-Interactive Verifiable Computing

• By Gennaro et al.• Enables a outsourcing computation of a non-

interactive function on untrusted workers

Non-Interactive Verifiable Computing

• Key idea: – Take advantage of Yao’s Garbled Circuit

Construction. – Overcome the one-time construction by fully-

homomorphic Encryption• Verify the computation as well as keep the

privacy. But stays theoretical.

Verifiable Computation with Two or More Clouds

• By Canetti et al.• Use two or more clouds to perform

computation and find one to trust

Verifiable Computation with Two or More Clouds

• Key idea: – Assume at least one of clouds is honest– Use efficient-players Refereed Games (epRG)

model– Take advantage of Merkle Hash Tree on

constructing reduced-configuration Turing Machine

– The referee do a binary search on steps to computing

• Can be implemented but need at least two clouds.

Monitoring Remotely Executing Programs

• By Yang et al.• Complier techniques produce codes with

beacons • On periodically exchange beacons to trace the

progress and recompute some results to check the correctness of remotely executing program

Monitoring Remotely Executing Programs

• Key idea: – Create finite state machine for source code and

create beacons for computationally significant method

– Location beacon for tracking the progress– Recomputation beacons for checking the validity

of computation• Can be implemented but it trust the cloud

provider’s infrastructure.

Verifying Cloud-Hosted Web Applications

• By Jana et al.• Verify the correctly executing of cloud-hosted

web applications with help of a subset of users

Verifying Cloud-Hosted Web Applications

• Key idea: – Model web applications operations as reads and

writes to an object store, verify whether an object store is consistent

– Assume there are a subset of users keep logs that can be accessed

– Doing collaboration verification by checking the consistency of logged reads and writes

• Can be implemented but the model may be limited by ignoring computation.

Conclusion

• Four different verification approaches• Different situation• Trusted Platform Module (TPM) may be useful• Cloud: totally untrustable or not

References

• Rosario Gennaro , Craig Gentry , Bryan Parno, Non-interactive verifiable computing: outsourcing computation to untrusted workers, Proceedings of the 30th annual conference on Advances in cryptology, August 15-19, 2010

• Ran Canetti, Ben Riva, and Guy N. Rothblum, Verifiable computation with two or more clouds, Workshop on Cryptography and Security in Clouds, 2011

References

• Shuo Yang , Ali R. Butt , Y. Charlie Hu , Samuel P. Midkiff, Trust but verify: monitoring remotely executing programs for progress and correctness, Proceedings of the tenth ACM SIGPLAN symposium on Principles and practice of parallel programming, June 15-17, 2005

• Suman Jana and Vitaly Shmatikov, EVE: Verifying Correct Execution of Cloud-Hosted Web Applications, USENIX Workshop on Hot Topics in Cloud Computing, 2011

Q&A?

Thanks!