Two-Server Delegation of Computation on Label-Encrypted Data

TL;DR

This paper introduces a new multi-server scheme for delegating complex computations on encrypted data, reducing server workload and enabling verification, by replacing number-theoretic encryption with label-based pseudorandom functions.

Contribution

The paper proposes a novel multi-server delegation scheme using label and pseudorandom functions, improving efficiency and verifiability over previous schemes based on linearly-homomorphic encryption.

Findings

Reduces server computation complexity

Enables verifiable degree-d computations

Extends to multi-server delegation

Abstract

Catalano and Fiore propose a scheme to transform a linearly-homomorphic encryption into a homomorphic encryption scheme capable of evaluating quadratic computations on ciphertexts. Their scheme is based on the linearly-homomorphic encryption (such as Goldwasser-Micali, Paillier and ElGamal) and need to perform large integer operation on servers. Then, their scheme have numerous computations on the servers. At the same time, their scheme cannot verify the computations and cannot evaluate more than degree-4 computations. To solve these problems, we no longer use linearly-homomorphic encryption which based on number theory assumptions. We use label and pseudorandom function to encrypt message, which significantly reduce the computations on the servers and enable us to use homomorphic MACs technology to realize verifiable computations naturally. We also extend the method to construct $d$-server schemes, which allow the client to delegate degree-$d$ computations on outsourced data.