Pinocchio: Nearly practical verifiable computation. To instill greater confidence in computations outsourced to the cloud, clients should be able to verify the correctness of the results returned. To this end, we introduce Pinocchio, a built system for efficiently verifying general computations while relying only on cryptographic assumptions. With Pinocchio, the client creates a public evaluation key to describe her computation; this setup is proportional to evaluating the computation once. The worker then evaluates the computation on a particular input and uses the evaluation key to produce a proof of correctness. The proof is only 288 bytes, regardless of the computation performed or the size of the inputs and outputs. Anyone can use a public verification key to check the proof. Crucially, our evaluation on seven applications demonstrates that Pinocchio is efficient in practice too. Pinocchio’s verification time is typically 10ms: 5-7 orders of magnitude less than previous work; indeed Pinocchio is the first general-purpose system to demonstrate verification cheaper than native execution (for some apps). Pinocchio also reduces the worker’s proof effort by an additional 19-60x. As an additional feature, Pinocchio generalizes to zero-knowledge proofs at a negligible cost over the base protocol. Finally, to aid development, Pinocchio provides an end-to-end toolchain that compiles a subset of C into programs that implement the verifiable computation protocol.
Keywords for this software
References in zbMATH (referenced in 9 articles )
Showing results 1 to 9 of 9.
- Papamanthou, Charalampos; Tamassia, Roberto; Triandopoulos, Nikos: Authenticated hash tables based on cryptographic accumulators (2016)
- Chiesa, Alessandro; Zhu, Zeyuan Allen: Shorter arithmetization of nondeterministic computations (2015)
- Ben-Sasson, Eli; Chiesa, Alessandro; Tromer, Eran; Virza, Madars: Scalable zero knowledge via cycles of elliptic curves (2014)
- Canetti, Ran; Paneth, Omer; Papadopoulos, Dimitrios; Triandopoulos, Nikos: Verifiable set operations over outsourced databases (2014)
- Chuengsatiansup, Chitchanok; Naehrig, Michael; Ribarski, Pance; Schwabe, Peter: PandA: pairings and arithmetic (2014)
- Ben-Sasson, Eli; Chiesa, Alessandro; Genkin, Daniel; Tromer, Eran; Virza, Madars: Snarks for C: verifying program executions succinctly and in zero knowledge (2013)
- Gennaro, Rosario; Gentry, Craig; Parno, Bryan; Raykova, Mariana: Quadratic span programs and succinct NIZKs without PCPs (2013)
- Lipmaa, Helger: Succinct non-interactive zero knowledge arguments from span programs and linear error-correcting codes (2013)
- Thaler, Justin: Time-optimal interactive proofs for circuit evaluation (2013)