Protocol π: Two cloud servers-assisted secure outsourcing computation protocol |
Setup. |
For , sample a ring element vector , a ring element , and a ring |
element vector . Then, the private key of is ; the public key of is |
. And then, shares a private random with SC that has a private |
number . CC has a private number . As a preparation, user firstly sends to CC; |
CC computes and then sends it back to SC. Then, SC can obtain by |
removing . |
Upload. |
For , each user encrypts its own private input by the LE scheme. Firstly, |
samples and computes and . Then, it |
outputs the ciphertext . |
Outsourcing Computation. |
After receiving all ciphertexts of the private inputs from users, SC stores all ciphertexts and |
executes a midtransformation to the outsourced data when computing some function . |
After that, CC further transforms the midtransformed ciphertexts and then computes the |
function following the circuit that consisted of addition gates and multiplication gates. |
(1) Midtransforming. |
Firstly, SC midtransforms the ciphertexts encrypted by users’ own keys as , where |
, and sends to CC. |
(2) Computing. |
After receiving , CC further transforms to . |
Denote ; then, . CC then computes the |
ciphertext of the result by the transformed ciphertexts of users’ private inputs. |
Add. For each addition gate, . |
Mul. For each multiplication gate, . |
(3) Producing Custom-Made Result. |
After computing gate by gate following the circuit , CC obtains the intermediate result |
encrypted by the private numbers of the two assisted cloud servers SC and CC; that is, |
, where and is the number of the |
multiplication gates of . To produce a custom-made result for each user, CC firstly sends |
to SC. SC removes and adds to compute and then sends back |
to CC. CC finally removes to produce the custom-made ciphertext and sends |
it to the authorized party . |
Output |
For each authorized party , it obtains the result by removing . |