Research Article  Open Access
Scalable and Soundness Verifiable Outsourcing Computation in Marine Mobile Computing
Abstract
Outsourcing computation with verifiability is a merging notion in cloud computing, which enables lightweight clients to outsource costly computation tasks to the cloud and efficiently check the correctness of the result in the end. This advanced notion is more important in marine mobile computing since the oceangoing vessels are usually constrained with less storage and computation resources. In such a scenario, vessels always firstly outsource data set and perform a function computing over them or at first outsource computing functions and input data set into them. However, vessels may choose which delegation computation type to outsource, which generally depends on the actual circumstances. Hence, we propose a scalable verifiable outsourcing computation protocol () in marine cloud computing at first and extract a singlemode version of it (), where both protocols allow anyone who holds verification tokens to efficiently verify the computed result returned from cloud. In this way, the introduced “scalable” property lets vessels adjust the protocol to cope with different delegation situations in practice. We additionally prove both and achieving selective soundness in the random oracle model and evaluate their performance in the end.
1. Introduction
Cloud computing [1], a shared pool of massive configurable computing resources, provides resourceconstrained clients with various capabilities to access computation resources in an ondemand way. The merging development of hardware (e.g., sensor, wearabledevice unit) makes it possible for mobile devices [2, 3] feeling free to use and enjoy the cloud service in mobile computing category [4, 5].
This is especially important for the marine mobile computing filed since marine ecosystems should be exploited and treated seriously from both environmental side and economic side. In order to monitor the changes of marine ecosystems, scientific vessels need to perform a series of mathematical or statical analysis over collected data [6]. This includes calculating the average temperature of ocean in an instantaneous moment or during a time period and reporting the variance of the dissolved oxygen during 24 hours, 72 hours, 6 months, or more [7, 8].
However, the vessels are usually not supported by powerful data collection devices and largescale computation processers. As a result, marine sensor units should collect marine data at first and send the collected data to vessels or base stations. Also, they may outsource some expensive computations to the cloud server and expect to use the result enjoyably after an efficient verification phase (since the cloud may return an incorrect answer for some profits). Moreover, a public verification method is preferable; namely, anyone holding the verification token can run the verification procedure in public.
Moreover, we notice that the vessel’s usual outsourcing computation in marine mobile computing comes from the following two types (as in Table 1).

Type I. A client outsources a combined input tuple containing data set and function together as inputs at first and then types into an importing function over the outsourced data and an importing data set towards the outsourced function in a combined way.
Type II. A client outsources a function as an input at first and then types into an importing data set towards the outsourced function. (Here, we do not consider a delegation type where a client outsources a data set at first and takes inputs on it. A detailed analysis on this can be found in Section 5.)
Maybe, clients should flexibly switch Type I and Type II due to their actual demands in reality. If we design and deploy two respective outsourcing computation protocol systems for respective delegation type, there is no doubt that this will cause a big waste of resources, which is even not feasible in marine WSNs. Hence, a “scalable” property for an outsourcing computation protocol should be highlighted. Apart from this, some desirable features for verifiable outsourcing computation protocols in marine WSNs should also be considered seriously.
Therefore, we may have the following doubt: whether an efficient scalable outsourcing computation protocol with public verifiability towards Type I or/and Type II delegation in marine mobile computing field exists or not?
Our Results. To give an affirmative answer to this expectation, we manage to design a public verifiable outsourcing computation protocol for Type I outsourcing and moreover extend it to support Type II outsourcing as well, which are inspired by [9–11]. Specifically, our contributions in this work can be summarized as the following four parts:(i)Aiming for securely performing Type I computation outsourcing, we put forward a scalable public verifiable outsourcing computation protocol in marine mobile computing, namely, . This protocol allows anyone to use a granted verification token to verify the result originated from any vessel’s Type I computation request.(ii)By treating the outsourced data set as an “onthefly” input of , we extract a singlemode version (i.e., for Type II computation) with adding a slight additional cost. As a result, vessels can just use a protocol enough for both Type I and Type II computation as they like, which shows the “scalable property’s” flexibility at a maximum extent.(iii)Both our and protocols are proven to achieve perfect correctness and selective soundness in the random oracle model. Furthermore, the efficiency analysis and concrete performance evaluations on both two protocols are provided.(iv)We motivate an intuition that the protocol can be viewed as a hierarchical public VC protocol towards only outsourced function (Type II), where the subjective function accepts the outsourced data which can be viewed as a hierarchical access control procedure.
1.1. Problem Statement
In this subsection, we present design goals and system overview for our introduced protocols.
Design Goals. To achieve both functionalities and privacypreserving requirements for an outsourcing computation protocol in marine mobile computing, the design goals can be thought from the following five parts.
(1) Scalability. The protocol should be able to flexibly vary its shapes depending on the type of outsourcing computation.
(2) Public Verifiability. Anyone with verification tokens can check the correctness of the result.
(3) Public Delegation. Any client can outsource a computation assignment to the cloud once the system is set up.
(4) Correctness. A dishonest cloud cannot return an incorrect output that passes verification.
(5) Soundness. A public (verifiable) outsourcing computation protocol should be secure and sound (cf. Section 2.3).
System Description. Our or protocol consists of the following three entities.
(i) Cloud Server. It receives the outsourcing computation request from any vessel and returns a result.
(ii) Vessels (consisting of a pilot one and a number of nonpilot ones). They delegate outsourcing computation tasks to the cloud and expect to receive the correct computational outcome.
(iii) Satellite. It provides a wireless communication channel between cloud server and vessels.
HighLevel Roadmap. Figure 1 gives a highlevel system overview on a group verifiable outsourcing computation protocol, namely, both protocol and protocol. To be specific, the cloud server provides a verifiable outsourcing computation service for group vessels through the wireless channel supplied by the satellite. Note that a pilot vessel in a group of vessels initializes the public verifiable outsourcing computation service by outsourcing the delegation computing function (and accompanied outsourced data set), as well as sending the generated public system information to the whole system and the generated evaluation key information about computing function (and accompanied data set) to the cloud. In this way, any vessel in this group can delegate computations by directly typing inputs into the computing function (and accompanied data set). Then the cloud server performs a computation for the outsourcing request from a vessel. Finally, anyone who possesses a legal verification token (granted from the delegating vessel) is able to verify the result. We note that the above procedure path is highly similar to Type II (and Type I) outsourcing computation, that is, or protocol, respectively, where the only difference is the clients’ outsourcing type and importing type.
1.2. Related Work
The studied problem is usually solved through a verification computation (VC) [12, 13] method, which starts with outsourcing a computing function to the cloud at first and then takes inputs on it. However, current VC protocols do not satisfy the listed design goals simultaneously in specific marine cloud computing. The other way to consider the verifiable outsourcing computation field is designed for running some verifiable delegations on outsourced data sets [14, 15], which is a little different from the formal VC concept where it differs in outsourcing whether it is a computing function or a data set at first. Also some works focused on performing computations towards outsourced functions (outsourcing at first) have been proposed [9, 13, 16–18]. For the public delegation and the public verifiable property, Applebaum et al.’s works did not satisfy them, as well as the work presented in [13, 14, 19]. Reference [11] presented protocol supported Type I computation outsourcing but neglected Type II one, so was the hybrid [20, 21] notion for verifiable computation failing the scalable property.
We note that all approaches to construct VC protocols except for functional encryptionbased method failed to provide public delegation property for a verifiable outsourcing protocol towards a group of clients. From this point of view, our proposed solution is more enjoyable for such a scenario. More importantly, current works fail to achieve all the mentioned design goals simultaneously.
Organization. In Section 2, we introduce the system model and security definition for our protocol. Section 3 gives the protocol and its security analysis is provided in Section 4. An extracted version for singlemode public verifiable outsourcing computation protocol towards just outsourced function is shown in Section 5. Section 6 evaluates the performance and Section 7 gives a conclusion.
2. Background Knowledge
Notations 1. We denote by the fact that is picked uniformly at random from a finite set . We denote PPT as a probabilistic polynomialtime algorithm. We use to denote multiplication (or group operation) as well as componentwise multiplication.
2.1. Outsourcing Functions’ Description Using Access Structures
Definition 2. A (monotone) access structure for set universe . One may hold the fact for an attribute set : accepts Here, is a row vector; as represents the th row vector of matrix , a linear span is a collection of vectors over .
Remark 3. In this paper, we mainly focus on giving a verifiable outsourcing computation protocol for Boolean formula delegating functions. When we manage to enable our protocol to be usable for multibits rather than one bit (Boolean formula), we usually take the following steps to realize: (1)Split the computing function in to some subfunctions , where is the th output bit of the computing function .(2)Now we can run the and (for Boolean formula function) with conducting each subfunction .
Therefore, we can obtain a scalable outsourcing computation protocol for (polynomial many) multibits output for , where can be implemented by a polynomialsize Boolean formula’s circuit. In this case, any outsourcing function can be computed by a polynomialsize Boolean formula and can thus be described by a (monotone) access structure [22]. We therefore use the access structures to symbolize the aiming outsourced (Boolean) functions throughout this paper.
2.2. Underlying Security Guarantee
The security of our protocol relies on the decisional BDHE assumption. Let , be two cyclic groups of prime order and a generator of group along with an efficient computable map . Randomly choose generators and and a tuple , and an adversary should distinguish a computed value from a random element in . Finally, outputs having an advantage in solving the decisional BDHE problem if
Definition 4. One says that the decisional BDHE assumption holds in if, for any PPT adversary , its advantage in above game is negligible in security parameter .
2.3. Definition for Scalable Verifiable Outsourcing Computation
In this subsection, we present the system definition, correctness definition, security definition, and privacy definition for a scalable verifiable outsourcing computation protocol.
System Definition. A scalable verifiable outsourcing computation protocol is composed of the following four PPT algorithms:(i): given a security parameter , on input a function and an accompanied outsourced data set , the pilot vessel outputs a public key and an evaluation key .(ii): on input , any (pilot or nonpilot) vessel can use it to encode an input into a problem description , as well as outputting a verification key .(iii): on input and a problem description , the data center (cloud) computes an outcome .(iv): with input of the cloud’s output , anyone returns an output or (rejects the cloud’s answer using ).
Correctness Definition. Given a security parameter , for any outsourced data set and outsourced function and any subjective function and for any objective data set , , , then
Security Definition. We define a security experiment against adaptive (adaptively chosen outsourced function and data sets) adversaries, which is played by a challenger and a stateful adversary .
A protocol achieves selective soundness if for all PPT adversaries and for any and , ’s winning advantage under the following condition, ; ; ; ; outputs “1”,
is negligible in security parameter , where means that the adversary can submit pairs that make the experiment always output “1.”
Privacy Definition. The clients’ outsourced/input computing function and data set are altogether kept hidden from the adversary’s view. Moreover, the cloud’s output for the problem solution does also not leak any information on the problem description. In this paper, we consider these as outsourcing privacy, input privacy, and output privacy.
3. Our Scalable Verifiable Outsourcing Computation Protocol:
Inspired by the dualpolicy attributebased encryption (ABE) scheme [10, 23], we present the first publicly verifiable outsourcing computation protocol towards both (Boolean formula) outsourced functions and outsourced data sets altogether, which also relies on our introduced variant transformation [11] of the general relationship between ABE and public VC [9].
Specifically specifying the example in Section 1, the pilot vessel first initializes the service by inputting an outsourced function and an accompanied data set to generate a public key and an evaluation key and sends them to the cloud and other vessels. Thus, any vessel in this fleet can directly input the objective input for and an accompanied computation function over data set along with randomly chosen messages , altogether, to generate a problem description and a verification key . Once receiving and , the cloud computes the problem result on the problem . Finally the vessel (or a legal granted anyone) can use the verification key to efficiently check the result ’s correctness.
3.1. System Initialization Phase
Given an outsourced function with input size as inputs, define two hash functions , . The pilot vessel randomly chooses and . Then it generates and outputs two master public/secret key pairs of information pieces:
3.2. Evaluation Key Generation Phase
For an encoded objective outsourced function ’s access structure , as well as a subjective outsourced data set , pick a random vector such that for and set . Output
Similarly, we obtain the corresponding secret key using uniformly and randomly chosen independent “”type variables. (Here, we omit the descriptions on the sampling process on “”, since it is almost same as that for ) Then, where denotes the complement function of the outsourced function . Hence, output the public key and the evaluation key information as
3.3. Problem Generation Phase
Given an objective data set and the access structure of an encoded subjective function altogether as inputs, randomly choose a random vector such that for and set , . Pick two messages , and output and similarly we generate (by introducing new “”type parameters to generate by using ):Hence, output the problem description and the verification key information as where is a oneway function.
3.4. Compute Phase
Upon the problem description and the evaluation key , compute Output the problem solution .
Here, we note that this compute process can be realized efficiently (reducing the number of pairing operations) but just add a few exponentiation operations as a tradeoff.
3.5. Verification Phase
Input and . Output
Remark 5. The verifiability of is mainly against the outsourced function since the concept of the complement data sets of does not make sense in practice compared to . Hence, our can be served as a hierarchical public VC protocol towards just outsourced function, which regards the subjective function accepting outsourced data set as a hierarchical (finegrained) access control condition.
4. Security Analysis
In this section, we give correctness and efficiency analysis on our protocol at first and sketch a security analysis and privacy analysis on it as well.
4.1. Correctness Analysis
Based on the correctness of [10] dualpolicy attributebased encryption along with our modified transformation [11] between ABE and public VC in terms of [9], the correctness follows straightforwardly when both the following two conditions hold: (1) the outsourced function accepts the data set ; (2) the outsourced data set satisfies the function .
In the compute phase, the recovery process of is parallel to that of . Here, we just show the correctness of the case: where the fourth equation follows the linear reconstruction property of Definition 2, and we have
Remark 6. The correctness of the above compute phase is similar to that of the decryption process in [10].
4.2. Efficiency Analysis
In this part, we give a time and a size efficiency analysis for . Concretely, Table 3 lists the dominant time operations (i.e., pairing, exponentiation, and multiplication) in group that belongs to each step of , and moreover Table 2 gives the size calculations.


Remark 7. The compute phase’s overhead can be optimized up to .
In the protocol, Step and Step are altogether done by the pilot vessel, any vessel can perform Step , and the data center (e.g., cloud) completes Step along with the fact that anyone can carry out Step .
As the bandwidth between each entity across this marine WSNs is low [5, 24], the low parameter size is highly demanded. From Table 3, we find that most operations that need high cost reside in the data center side. Consequently, the pilot vessel can certainly afford the VC service initialization computation overhead. In this way, the overhead of the problem description paid by any vessel is short, and anyone’s verification cost on the result is very little as well. Therefore, the efficiency of the obtained is enjoyably applicable to the marine wireless sensor networks.
4.3. Security Analysis
Theorem 8 (main theorem). Let be a class of Boolean functions (implemented by a family of circuits ), and let be a class of the complement function of each function and the class of the outsourced data set and be any oneway function. Suppose Definition 4 holds; then the protocol in Section 3 achieves selective soundness property according to the security definition in Section 2.3.
We can easily reduce the security of with adaptive soundness to the adaptive security of the dualpolicy ABE [10] and the general transformation between them, since one can obtain the protocol by running the ABE scheme twice along with other techniques. More technical details can be found in Section of [10] and Appendix of [9].
4.4. Privacy Analysis
During the protocol’s process carried out, the specific contents of the outsourced part and the input part are encoded as another form. Specifically, the clients’ outsourced computing function and accompanied data set are encoded as an evaluation key and any client’s input , and is encoded as a problem generation , in such a way that the cloud cannot obtain any knowledge about the outsourcing privacy and input privacy. For the output privacy, the random message is also hidden by a oweway function ; thus the cloud can just get and is unable to recover from it (except a negligible advantage) which is considered to achieve output privacy as well.
5. Extracted SingleMode Version of Protocol
In some cases, the clients (e.g., vessels) may just outsource either data sets or computing function to the cloud; therefore we have to ask the following question: Can we transform the dualmode verifiable outsourcing computation into a singlemode one?
Intuitively, setting one of the outsourced data sets and outsourced function as “onthefly” input of protocol, we hence assume obtaining two singlemode public VC protocols towards respective outsourced function and outsourced data sets. However, this assumption fails due to the nonexistence of a singlemode for outsourcing data sets. The reasons are as follows:(1)Firstly, we should observe that the complement class of the outsourced data sets does not make any sense in practice, which is not similar to the relation between and . It is also not easy to obtain the complement class of .(2)Secondly, one can run the keypolicy ABE (KPABE) mode of dualpolicy ABE (DPABE) in [10] twice for respective and , but the relation between ciphertextpolicy ABE and public VC is not known so far. In this way, the checkability of the singlemode over outsourcing data sets cannot achieve “1.”
Hence, we can just obtain the singlemode variant of for outsourced computing function at first, namely, Type II delegation type.
5.1. Construction for SingleMode for Just Outsourcing Functions:
Inspired by the KPABE mode of dualpolicy ABE [10] and our protocol, we give the singlemode publicly verifiable outsourcing computation towards outsourcing computing functions’ construction.
(1) System Initialization Phase. This step is same as that of except for adding special data as a new input.
(2) Evaluation Key Generation Phase. This stage is same as that of except by randomly choosing and setting Hence the evaluation key behaves as
(3) Problem Generation Phase. This is almost same as that of except for sampling and setting Hence, the problem description behaves as
(4) Compute Phase. In this case, this process computes as follows: Finally, output the problem solution .
(5) Verification Phase. This step is exactly same as that of .
This concludes the construction description.
5.2. Analysis on the SingleMode for Just Outsourcing Computing Functions
In this subsection, we still give a correctness, efficiency, and security analysis on the protocol.
5.2.1. Correctness Analysis
The correctness holds when accepts the data sets , where the secret shares’ reconstruction follows
5.2.2. Efficiency Analysis
In general, the size and time efficiency of the singlemode protocol for only outsourcing computing functions are comparable to those of one. Next, we present the time and size efficiency analysis for in concrete way; Table 4 gives the size calculations and moreover Table 5 lists the dominant time operations (i.e., pairing, exponentiation, and multiplication) in group which performed in each step of singlemode .


In concrete way, the problem generation and verification overheads enjoy better efficiency than that in , but its overhead on generating evaluation key is a little expensive (including the size of ) compared to , since “onthefly” data set is involved to handle the construction. A tradeoff between Steps , , and and Steps and over the above three steps does inevitably exist. Apart from this, the overall time and time overhead are almost same as that of .
As a result, the (non)pilot vessel or anyone can efficiently run the singlemode service, and moreover the cloud’s running cost on computing the problem also turns out to be short. In this way, we can directly extract a highly efficient protocol from .
5.2.3. Security Analysis
Theorem 9 (main theorem). Let be a class of Boolean functions (implemented by a family of circuits ), and let be a class of the complement function of each function and be any oneway function. Suppose Definition 4 holds; then the singlemode protocol for only outsourcing computing functions achieves selective soundness according to the security definition in Section 2.3.
The proposed singlemode verifiable outsourcing computation protocol can be seen as a special variant of in fact, whereas their functionalities are merely not the same. Based on the security analysis on Theorem 8, Theorem 9 can be proved easily as well.
5.2.4. Privacy Analysis
The privacy analysis on the protocol is same as that of the protocol in Section 4.4.
6. Performance Evaluation
In this section, we give a performance evaluation on our and its extracted singlemode outsourcing computation protocol . Applying a certain implementation technique on realizing bilinear maps, we choose using an asymmetric bilinear group to implement the symmetric bilinear group for and in the actual experiment as in [25].
Standing by the standard NIST recommendation [26] and general remarks [25, 27] based on the Python language’s realizations along with its provided Charmcrypto Benchmark, we note that the charm tool [25] is an extensible based framework under PairingBased Cryptography (PBC) library for rapidly prototyping cryptographic schemes and protocols, which is widely used in conducting functional encryptionbased primitives. We remark that this is instantiated in an Ubuntu 12.04 operating system with 1 GB RAM (established in a MACBOOK Air Intel i5@1.8 GHz and 4 GB RAM equipped with a VMWare software). Next, we decide to employ the “SS512” elliptic curve for our performance evaluation. Finally, Table 7 shows the “SS512” curve’s element length; and moreover Table 6 gives a list of the “SS512” curve’s average runningtimes for each protocol step.


Suppose that the size of the data set , is and the value of , is . Based on the employed “SS512” elliptic curve [28], the actual size evaluation in Figure 2 and the time efficiency simulation in Figure 3 are both given. In addition, we use “+” to denote the dualmode protocol and “⋄” to denote the extracted singlemodel : protocol in both Figures 2 and 3.
From Figures 2 and 3, we can deduce the fact that both and achieve high space and time efficiency. Our protocol’s efficiency is comparable to the extracted one’s efficiency. Particularly, the overload that belongs to the weak clients’ sides is actual satisfactory.
7. Concluding Remarks
This paper presented a scalable and soundness verifiable outsourcing computation protocol in marine mobile cloud computing. Our protocol enabled any client to delegate a computation task to the server and was also able to designate anyone to verify the result. In addition, an extracted singlemode outsourcing computation protocol from was presented, which led to a fact that the client can adapt based on the inputs’ option in terms of its interest or its own needs. However, we found that our protocol could just handle the outsourcing function as the single mode; hence a design of a verifiable outsourcing computation protocol towards outsourced function may be an open problem.
Conflicts of Interest
The authors declare that they have no conflicts of interest.
Acknowledgments
The authors want to acknowledge the WASA 2017 anonymous reviewers’ suggestions. This work was supported by the National Natural Science Foundation of China (61571191, 61572192, 61472249, 61472142, and 61402282), the “Dawn” Program of Shanghai Education Commission (no. 16SG21), and the Open Foundation of State Key Laboratory of Integrated Services Networks (ISN1711).
References
 P. M. Mell and T. Grance, Draft nist working definition of cloud computing, vol. 15, 2009. View at: Publisher Site
 C. D'Este, P. de Souza, C. Sharman, and S. Allen, “Relocatable, automated costbenefit analysis for marine sensor network design,” Sensors, vol. 12, no. 3, pp. 2874–2898, 2012. View at: Publisher Site  Google Scholar
 L. Yu, H. Shen, K. Sapra, L. Ye, and Z. Cai, “CoRE: Cooperative EndtoEnd Traffic Redundancy Elimination for Reducing Cloud Bandwidth Cost,” IEEE Transactions on Parallel and Distributed Systems, vol. 28, no. 2, pp. 446–461, 2017. View at: Publisher Site  Google Scholar
 D. Huang, “Mobile cloud computing,” in Proceedings of the IEEE COMSOC Multimedia Communications Technical Committee (MMTC) ELetter, vol. 6, pp. 27–31, 2011. View at: Google Scholar
 L. Yu, L. Chen, Z. Cai, H. Shen, Y. Liang, and Y. Pan, “Stochastic Load Balancing for Virtual Resource Management in Datacenters,” IEEE Transactions on Cloud Computing, 2016. View at: Publisher Site  Google Scholar
 S. Zhang, J. Yu, A. Zhang, L. Yang, and Y. Shu, “Marine vehicle sensor network architecture and protocol designs for ocean observation,” Sensors, vol. 12, no. 1, pp. 373–390, 2012. View at: Publisher Site  Google Scholar
 P. Hu, K. Xing, X. Cheng, H. Wei, and H. Zhu, “Information leaks out: Attacks and countermeasures on compressive data gathering in wireless sensor networks,” in Proceedings of the 33rd IEEE Conference on Computer Communications, IEEE INFOCOM 2014, pp. 1258–1266, Ontario, Canada, May 2014. View at: Publisher Site  Google Scholar
 D. Huang, D. Zhao, L. Wei, Z. Wang, and Y. Du, “Modeling and analysis in marine big data: Advances and challenges,” Mathematical Problems in Engineering, vol. 2015, Article ID 384742, 2015. View at: Publisher Site  Google Scholar
 B. Parno, M. Raykova, and V. Vaikuntanathan, “How to delegate and verify in public: verifiable computation from attributebased encryption,” in Theory of Cryptography, vol. 7194 of Lecture Notes in Computer Science, pp. 422–439, Springer, Berlin, Germany, 2012. View at: Publisher Site  Google Scholar
 N. Attrapadung and H. Imai, “Dualpolicy attribute based encryption,” in Proceedings of the International Conference on Applied Cryptography and Network Security, vol. 5536, pp. 168–185, 2009. View at: Publisher Site  Google Scholar
 K. Zhang, L. Wei, X. Li, and H. Qian, “Provably secure dualmode publicly verifiable computation protocol in marine wireless sensor networks,” in Proceedings of the 12th International Conference on Wireless Algorithms, Systems, and Applications, WASA 2017, vol. 10251, pp. 210–219, Springer International Publishing, Guilin, China, 2017. View at: Publisher Site  Google Scholar
 B. Applebaum, Y. Ishai, and E. Kushilevitz, “From secrecy to soundness: Efficient verification via secure computation,” in Proceedings of the International colloquium on automata, languages and programming (ICALP), vol. 6198, pp. 152–163, 2010. View at: Publisher Site  Google Scholar
 R. Gennaro, C. Gentry, and B. Parno, “Noninteractive verifiable computing: outsourcing computation to untrusted workers,” in Advances in CryptologyCRYPTO 2010, vol. 6223, pp. 465–482, Springer, Berlin, Germany, 2010. View at: Publisher Site  Google Scholar  MathSciNet
 S. Benabbas, R. Gennaro, and Y. Vahlis, “Verifiable delegation of computation over large datasets,” in Advances in CryptologyCRYPTO 2011, vol. 6841, pp. 111–131, 2011. View at: Publisher Site  Google Scholar  MathSciNet
 M. Backes, D. Fiore, and R. M. Reischuk, “Verifiable delegation of computation on outsourced data,” in Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS 2013, pp. 863–874, Berlin, Germany, November 2013. View at: Publisher Site  Google Scholar
 D. Fiore and R. Gennaro, “Publicly verifiable delegation of large polynomials and matrix computations, with applications,” in Proceedings of the ACM Conference on Computer and Communications Security (CCS '12), pp. 501–512, ACM, October 2012. View at: Publisher Site  Google Scholar
 K. Zhang, J. Gong, S. Tang et al., “Practical and efficient attributebased encryption with constantsize ciphertexts in outsourced verifiable computation,” in Proceedings of the 11th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2016, pp. 269–279, Xi'an, China, June 2016. View at: Publisher Site  Google Scholar
 Y. Sun, Y. Yu, X. Li, K. Zhang, H. Qian, and Y. Zhou, “Batch verifiable computation with public verifiability for outsourcing polynomials and matrix computations,” in Proceedings of the Part I of Information Security and Privacy  21st Australasian Conference, ACISP 2016, vol. 9722, pp. 293–309, Springer International Publishing, Melbourne, VIC, Australia, 2016. View at: Publisher Site  Google Scholar
 K. Chung, Y. T. Kalai, and S. P. Vadhan, “Improved delegation of computation using fully homomorphic encryption,” in in Proceedings of CRYPTO, 2010, pp. 483–501, Springer, Santa Barbara, CA, USA, 2010. View at: Google Scholar
 J. Alderman, C. Janson, C. Cid, and J. Crampton, “Access control in Publicly Verifiable Outsourced Computation,” in Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2015, pp. 657–662, Singapore, April 2015. View at: Publisher Site  Google Scholar
 J. Alderman, C. Janson, C. Cid, and J. Crampton, “Hybrid Publicly Verifiable Computation,” in Topics in Cryptology  CTRSA 2016, vol. 9610 of Lecture Notes in Computer Science, pp. 147–163, Springer International Publishing, Cham, 2016. View at: Publisher Site  Google Scholar
 A. Beimel, Secure Schemes for Secret Sharing And Key Distribution [Ph.D. Thesis], TechnionIsrael Institute of technology, Faculty of computer science, 1996.
 V. Goyal, O. Pandey, A. Sahai, and B. Waters, “Attributebased encryption for finegrained access control of encrypted data,” in Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS '06), pp. 89–98, November 2006. View at: Publisher Site  Google Scholar
 L. Yu and Z. Cai, “Dynamic scaling of virtual clusters with bandwidth guarantee in cloud datacenters,” in Proceedings of the 35th Annual IEEE International Conference on Computer Communications, IEEE INFOCOM 2016, pp. 1–9, San Francisco, CA, USA, April 2016. View at: Publisher Site  Google Scholar
 J. A. Akinyele, C. Garman, I. Miers et al., “Charm: a framework for rapidly prototyping cryptosystems,” Journal of Cryptographic Engineering, vol. 3, no. 2, pp. 111–128, 2013. View at: Publisher Site  Google Scholar
 D. Giry, Bluekrypt, https://www.keylength.com/en/.
 F. Zhang, Tech. Rep., http://student.seas.gwu.edu/~zfwise/crypto.
 A. Miyaji, M. Nakabayashi, and S. Takano, “New explicit conditions of elliptic curve traces for FRreduction,” IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, vol. 84, pp. 1234–1243, 2001. View at: Google Scholar
Copyright
Copyright © 2017 Kai Zhang et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.