A Framework for Outsourcing of Secure Computation ( Draft Version )

We study the problem of how to efficiently outsource a sensitive computation on secret inputs to a number of untrusted workers, under the assumption that at least one worker is honest. In our setting there is a number of clients C1, . . . , Cn with inputs x1, . . . , xn. The clients want to delegate a secure computation of f(x1, . . . , xn) to a set of untrusted workers W1, . . . ,Wm. We want do so in such a way that as long at there is at least one honest worker (and everyone else might be actively corrupted) the following holds 1) the privacy of the inputs is preserved 2) the output of the computation is correct (in particular workers cannot change the inputs of honest clients). We propose a solution where the clients’ work is minimal and the interaction pattern simple (one message to upload inputs, one to receive results), while at the same time reducing the overhead for the workers to a minimum. Our solution is generic and can be instantiated with any underlying reactive MPC protocol where linear operations are “for free”. In contrast previous solutions were less generic and could only be instantiated for specific numbers of clients/workers.