Comments on “Publicly Verifiable Computation of Polynomials Over Outsourced Data With Multiple Sources”

摘要

With more organizational and individual data owners storing their data in the cloud, there is a corresponding need to ensure that such outsourced data can be computed by the data owners or some authorized third parties. In other words, the cloud server performs the requested computation, and returns the computation result to the requesting party. Such a paradigm is referred to as outsourced computation in the literature. A challenge is how one can ensure the correctness of the returned result, and this has been extensively studied in the literature. For example, in 2017, Song et al. proposed a protocol for publicly verifiable computation of polynomials over outsourced data with multiple sources. However, we reveal that a core building block of their protocol allows an adversary to forge the signatures on the outsourced data. Hence, this invalidates the security of the protocol. We also point out their proposal is yet very interesting and useful, only a little improvement can strengthen their proposal to be secure.