Verifiable Outsourcing of Computations Using Garbled Onions

Solutions to the verifiable outsourcing problem based on Yao’s Garbled Circuit (GC) construction have been investigated in previous works. A major obstacle to the practicality of these solutions is the single-use nature of the GC construction. This work introduces the novel technique onion garbling, which circumvents this obstacle by using only a symmetric-key cipher as its cryptographic machinery. This work also proposes a non-interactive protocol for verifiable outsourcing which utilizes the onion garbling technique. The protocol works in a 3-party setting, and consists of a preprocessing phase and an online phase. The cost of a preprocessing phase which can support up to N computations is independent of N for the outsourcing party. For the other two parties, the memory and communication cost of N-reusability is proportional to N⋅m" role="presentation">N⋅m, where m is the bit-length of the input. The cost of input preparation and verification is O(m+n)" role="presentation">O(m+n) symmetric-key cipher operations, where n is the bit-length of the output. The overall costs associated with the outsourcing party are low enough to allow verifiable outsourcing of arbitrary computations by resource-constrained devices on constrained networks. Finally, this work reports on a proof-of-concept implementation of the proposed verifiable outsourcing protocol.