Verifying Cloud Computing with Zero KnowledgeCategory: Science & Technology
Posted: September 16, 2013 12:59PM
Cloud computing is growing in popularity as it allows people and groups to reduce hardware expenses, while still having access to computer power. The catch with cloud computing is the cloud part, as it means data has to be transmitted and processed on a device that other people, possibly with ill-intent, have access to. Researchers at MIT though have developed a system to guard against that with a novel application of zero knowledge proofs.
There are some funky things you can do with mathematics, such as zero knowledge proofs. These are proofs that can allow an entity to prove they possess secret information, without sharing the information. What the MIT researchers have done is developed a way to use these to verify that a program being run in the cloud, is the intended program and has not been compromised by malicious code. It can also protect the information that is being processed in the cloud. A major part of how the researchers accomplished this is a variation of a 'probabilistically checkable proof' (PCP). Typically checking a proof requires going line by line, but with a PCP it is possible to sample only a portion of the proof, and still guarantee it is correct. The variation involved adding cryptographic encoding that limits what a malicious hacker can do to the code to just linear operations. With such a limitation, a PCP can be safely used.
Currently the system only works with programs written in C, as it has to convert the code to circuit diagrams. However, it should not be too difficult to apply it to other languages.