Conference proceeding
vRAM: Faster Verifiable RAM With Program-Independent Preprocessing
2018 IEEE SYMPOSIUM ON SECURITY AND PRIVACY (SP), v 2018-, pp 908-925
01 Jan 2018
Abstract
We study the problem of verifiable computation (VC) for RAM programs, where a computationally weak verifier outsources the execution of a program to a powerful (but untrusted) prover. Existing efficient implementations of VC protocols require an expensive preprocessing phase that binds the parties to a single circuit. (While there are schemes that avoid preprocessing entirely, their performance remains significantly worse than constructions with preprocessing.) Thus, a prover and verifier are forced to choose between two approaches: (1) Allow verification of arbitrary RAM programs, at the expense of efficiency, by preprocessing a universal circuit which can handle all possible instructions during each CPU cycle; or (2) Sacrifice expressiveness by preprocessing an efficient circuit which is tailored to the verification of a single specific RAM program.
We present vRAM, a VC system for RAM programs that avoids both the above drawbacks by having a preprocessing phase that is entirely circuit-independent (other than an upper bound on the circuit size). During the proving phase, once the program to be verified and its inputs are chosen, the circuit-independence of our construction allows the parties to use a smaller circuit tailored to verifying the specific program on the chosen inputs, i.e., without needing to encode all possible instructions in each cycle. Moreover, our construction is the first with asymptotically optimal prover overhead; i.e., the work of the prover is a constant multiplicative factor of the time to execute the program.
Our experimental evaluation demonstrates that vRAM reduces the prover's memory consumption by 55-110x and its running time by 9-30x compared to existing schemes with universal preprocessing. This allows us to scale to RAM computations with more than 2 million CPU cycles, a 65x improvement compared to the state of the art. Finally, vRAM has performance comparable to (and sometimes better than) the best existing scheme with program-specific preprocessing despite the fact that the latter can deploy program-specific optimizations (and has to pay a separate preprocessing cost for every new program).
Metrics
Details
- Title
- vRAM: Faster Verifiable RAM With Program-Independent Preprocessing
- Creators
- Yupeng Zhang - University of Maryland, College ParkDaniel Genkin - University of Maryland, College ParkJonathan Katz - University of Maryland, College ParkDimitrios Papadopoulos - University of Maryland, College ParkCharalampos Papamanthou - University of Maryland, College ParkIEEE
- Publication Details
- 2018 IEEE SYMPOSIUM ON SECURITY AND PRIVACY (SP), v 2018-, pp 908-925
- Series
- IEEE Symposium on Security and Privacy
- Publisher
- IEEE
- Number of pages
- 18
- Grant note
- National Institute of Standards and Technology; National Institute of Standards & Technology (NIST) - USA FA8650-16-C-7622 / Defense Advanced Research Project Agency (DARPA); United States Department of Defense; Defense Advanced Research Projects Agency (DARPA) 2017-2018 Rothschild Postdoctoral Fellowship 70NANB1511328 / U.S. Department of Commerce 1514261; 1652259 / NSF; National Science Foundation (NSF)
- Resource Type
- Conference proceeding
- Language
- English
- Academic Unit
- Mathematics
- Web of Science ID
- WOS:000442163200054
- Scopus ID
- 2-s2.0-85051000847
- Other Identifier
- 991020531825704721
InCites Highlights
Data related to this publication, from InCites Benchmarking & Analytics tool:
- Collaboration types
- Domestic collaboration
- International collaboration
- Web of Science research areas
- Computer Science, Theory & Methods
- Engineering, Electrical & Electronic