| Protocol π: Two cloud servers-assisted secure outsourcing computation protocol |
| Setup. |
| For , sample a ring element vector , a ring element , and a ring |
| element vector . Then, the private key of is ; the public key of is |
| . And then, shares a private random with SC that has a private |
| number . CC has a private number . As a preparation, user firstly sends to CC; |
| CC computes and then sends it back to SC. Then, SC can obtain by |
| removing . |
| Upload. |
| For , each user encrypts its own private input by the LE scheme. Firstly, |
| samples and computes and . Then, it |
| outputs the ciphertext . |
| Outsourcing Computation. |
| After receiving all ciphertexts of the private inputs from users, SC stores all ciphertexts and |
| executes a midtransformation to the outsourced data when computing some function . |
| After that, CC further transforms the midtransformed ciphertexts and then computes the |
| function following the circuit that consisted of addition gates and multiplication gates. |
| (1) Midtransforming. |
| Firstly, SC midtransforms the ciphertexts encrypted by users’ own keys as , where |
| , and sends to CC. |
| (2) Computing. |
| After receiving , CC further transforms to . |
| Denote ; then, . CC then computes the |
| ciphertext of the result by the transformed ciphertexts of users’ private inputs. |
| Add. For each addition gate, . |
| Mul. For each multiplication gate, . |
| (3) Producing Custom-Made Result. |
| After computing gate by gate following the circuit , CC obtains the intermediate result |
| encrypted by the private numbers of the two assisted cloud servers SC and CC; that is, |
| , where and is the number of the |
| multiplication gates of . To produce a custom-made result for each user, CC firstly sends |
| to SC. SC removes and adds to compute and then sends back |
| to CC. CC finally removes to produce the custom-made ciphertext and sends |
| it to the authorized party . |
| Output |
| For each authorized party , it obtains the result by removing . |
