log in  |  register  |  feedback?  |  help  |  web accessibility
PhD Defense: Verifiable Computation in Practice: Tools and Protocols
Ahmed Kosba
Wednesday, July 25, 2018, 1:00-3:00 pm Calendar
  • You are subscribed to this talk through .
  • You are watching this talk through .
  • You are subscribed to this talk. (unsubscribe, watch)
  • You are watching this talk. (unwatch, subscribe)
  • You are not subscribed to this talk. (watch, subscribe)

Verifiable computation (VC) protocols enable clients to outsource computations to untrusted servers in the cloud without compromising the integrity of the computation. Although cryptographic approaches for verifiable computation were mostly of theoretical interest in the past, there has been great progress in the area during the past few years. In particular, efficient constructions for Zero-Knowledge Succinct Non-interactive ARguments of Knowledge (zk-SNARKs) were proposed and adopted in practice. These techniques enable an untrusted server to prove the correctness of the computation in zero-knowledge using a succinct proof that can be verified efficiently by the client. 

This thesis aims at addressing some challenges in such VC protocols, and developing practical protocols for cryptocurrency applications. The challenges we address include the proof computation overhead at the prover's side, and the level of expertise expected from the programmers to write secure and efficient programs for VC. More specifically, current protocols require the programmer to carefully express the computation as an arithmetic circuit, in a way that minimizes the proof computation overhead and prevents malicious behavior, which is a non-trivial task. 

To address the above challenges, we present a framework that aims to reduce the proof computation overhead, and offer more programmability to non-specialist developers, while automating the task of circuit minimization through a combination of techniques. The framework includes new circuit-friendly algorithms for frequent operations, which achieve constant to asymptotic savings over algorithms used in previous compilers. In addition, we explore and optimize cryptographic primitives that have efficient arithmetic circuit representations.

Furthermore, we explore different settings where VC can be used in practice. We present the design of Hawk, a system for privacy-preserving smart contracts. Hawk enables custom decentralized applications in the smart contract setting to run verifiably on top of the blockchain, while keeping the participants' inputs private. Additionally, we explore how VC techniques and smart contracts could enable practical crimes in the future, which highlights the importance of working on countermeasures.

Examining Committee: 
                          Chair:               Dr. Charalampos Papamanthou
                          Co-Chair:        Dr. Elaine Shi
                          Dean's rep:      Dr. Lawrence Washington
                          Members:        Dr. Hector Corrada Bravo
                                                    Dr. Jonathan Katz
This talk is organized by Tom Hurst