UCLA researchers have developed a non-interactive and publicly-verifiable method for delegating computation of a program (which may be proprietary) to an untrusted remote worker, allowing any verifier (who does not know the program) to confidently accept the output by verifying a succinct proof and a hash commitment of the program.
As cloud services and remote computation become more common, users increasingly need to rely on untrusted parties to perform computations on programs they did not author or fully share. Existing delegation schemes often require interactive protocols, prior trust relationships, or require the verifier to know the full program description. Some publicly-verifiable delegation systems are either inefficient (large proofs, heavy computation for verifier) or rely on strong assumptions (like SNARG/SNARK frameworks, which may have large setup overheads or require knowledge of the program by verifier). There is a need for delegation schemes that are efficient, non-interactive, publicly verifiable, keep the program commitment secret from verifiers, and rely on standard hardness assumptions.
The technology introduces a delegation protocol wherein the program author (Alice) first commits to her program via a succinct hash. She sends the program to an untrusted worker, but only the hash is made public to verifiers. An input provider supplies input x to both the worker and the verifier. The worker executes the program on x, producing output along with a succinct proof (of correctness). The verifier, using only the program hash, the output, the proof, and the input x, can check that the result is correct — without ever knowing the full program. The proof size, the verifier’s computation, and communication are all designed to be poly-logarithmic (in program size) or otherwise efficient. Security is based on standard assumptions such as Learning With Errors (LWE). The scheme is non-interactive (i.e. workflows involving only unidirectional communication) and supports optional zero-knowledge.
Verifier does not need full knowledge of the program, only a hash, preserving confidentiality.
Non-interactive: avoids back-and-forth communication, simplifying deployment.
Succinct proofs: small proof size and low verification cost (poly(log|P|), etc.).
Based on standard cryptographic hardness assumptions (e.g. LWE), rather than weaker or exotic primitives.
Optionally zero-knowledge: output proof can be constructed such that no additional program details are revealed beyond correctness.
Useful in settings where remote workers execute proprietary programs and outputs need to be trusted (e.g. cloud computing, AI model deployment).
Cloud services where clients delegate computation to servers and need assurance of correct execution.
AI / ML model deployment where model weights (the “program”) must remain private.
Blockchain or decentralized computation / verifiable computing systems.
Secure outsourcing of computations in industries like finance, health, or scientific computing.
Verifiable computation in client-server or edge-cloud settings where minimal communication is desired.
US 2024/0137222 A1 — Efficient Methods for Trusted Remote Program Execution Efficient Methods for Trusted Remote Program Execution (US20240137222A1) Inventors: Riddhi Ghosal; Amit Sahai; Brent Waters. Assignee: NTT Research, Inc. Google Patents+1