This paper is available on arxiv under CC 4.0 license.

**Authors:**

(1) Tariq Bontekoe, University of Groningen;

(2) Dimka Karastoyanova, University of Groningen;

(3) Fatih Turkmen, University of Groningen.

## Table of Links

Zero-knowledge proofs and verifiable computing

Privacy-preserving computations

Requirements: an application’s perspective

Verifiable, privacy-preserving computing

Open challenges and future directions

## 8. Conclusion

We presented a systematic overview of solutions for verifiable privacy-preserving computations, applicable to scenarios with distributed data. Specific attention was paid to solutions that offer the stronger notion of public verifiability.

First, we established the relevant background knowledge on decentralized computations, verifiable computing and ZKPs. This was followed by a summary of predominant approaches in privacy-preserving computations: MPC and HE, and a discussion of the need for verifiability. Second, we analyzed the use of verifiable PETs in different application domains, and discussed the required properties.

Third, a systematic overview on existing solutions for verifiable privacy-preserving computations for (distributed) private data was given. Solutions were categorized based on the underlying PET and verifiability approach that was used. Moreover, we compared the solution approaches based on efficiency and the earlier identified properties.

Based on our analysis, we note a number of challenges and open research questions. First, we recommend to investigate the combination of verifiability with input authentication and/or reusability, to improve security and efficiency in practice, where data is not simply a oneuse object. Also, we see a need to design post-quantum secure schemes and derive efficient public verifiability from standard assumptions. Finally, we see a lack of efficient publicly verifiable HE schemes, whereas HE itself is already in the first stages of practical adoption.

### References

[1] A. B. and S. S., “A survey on genomic data by privacy-preserving techniques perspective,” Computational Biology and Chemistry, vol. 93, p. 107538, Aug. 2021.

[2] R. Alvarez and M. Nojoumian, “Comprehensive survey on privacypreserving protocols for sealed-bid auctions,” Computers & Security, vol. 88, p. 101502, Jan. 2020.

[3] C. Baum, J. H.-y. Chiang, B. David, and T. K. Frederiksen, “SoK: Privacy-Enhancing Technologies in Finance,” 2023. [Online]. Available: https://eprint.iacr.org/2023/122

[4] Zama, “Zama - Fully homomorphic encryption.” [Online]. Available: https://www.zama.ai/

[5] T. P. Jakobsen, J. B. Nielsen, and C. Orlandi, “A Framework for Outsourcing of Secure Computation,” in Proceedings of the 6th Edition of the ACM Workshop on Cloud Computing Security, ser. CCSW ’14. New York, NY, USA: Association for Computing Machinery, Nov. 2014, pp. 81–92.

[6] B. Schoenmakers, M. Veeningen, and N. de Vreede, “Trinocchio: Privacy-Preserving Outsourcing by Distributed Verifiable Computation,” in Applied Cryptography and Network Security, ser. Lecture Notes in Computer Science, M. Manulis, A.-R. Sadeghi, and S. Schneider, Eds. Cham: Springer International Publishing, 2016, pp. 346–366.

[7] E. Ben-Sasson, A. Chiesa, C. Garman, M. Green, I. Miers, E. Tromer, and M. Virza, “Zerocash: Decentralized Anonymous Payments from Bitcoin,” 2014. [Online]. Available: https://eprint. iacr.org/2014/349

[8] K. Ramchen, C. Culnane, O. Pereira, and V. Teague, “Universally Verifiable MPC and IRV Ballot Counting,” in Financial Cryptography and Data Security, ser. Lecture Notes in Computer Science, I. Goldberg and T. Moore, Eds. Cham: Springer International Publishing, 2019, pp. 301–319.

[9] J. Lee, J. Choi, J. Kim, and H. Oh, “SAVER: SNARKfriendly, Additively-homomorphic, and Verifiable Encryption and decryption with Rerandomization,” 2019. [Online]. Available: https://eprint.iacr.org/2019/1270

[10] S. Nakamoto, “Bitcoin: A Peer-to-Peer Electronic Cash System,” 2008, unpublished manuscript. [Online]. Available: https://bitcoin. org/bitcoin.pdf

[11] G. Wood, “Ethereum: A Secure Decentralised Generalised Transaction Ledger,” 2014, unpublished manuscript. [Online]. Available: https://gavwood.com/paper.pdf

[12] M. R. Ahmed, A. K. M. M. Islam, S. Shatabda, and S. Islam, “Blockchain-Based Identity Management System and SelfSovereign Identity Ecosystem: A Comprehensive Survey,” IEEE Access, vol. 10, pp. 113 436–113 481, 2022.

[13] B. Adanur Dedeturk, A. Soran, and B. Bakir-Gungor, “Blockchain for genomics and healthcare: A literature review, current status, classification and open issues,” PeerJ, vol. 9, p. e12130, 2021.

[14] Y. Lindell, “Secure Multiparty Computation (MPC),” 2020. [Online]. Available: https://eprint.iacr.org/2020/300

[15] G. Spini and S. Fehr, “Cheater Detection in SPDZ Multiparty Computation,” in Information Theoretic Security, ser. Lecture Notes in Computer Science, A. C. Nascimento and P. Barreto, Eds. Cham: Springer International Publishing, 2016, pp. 151–176.

[16] G. Asharov and C. Orlandi, “Calling Out Cheaters: Covert Security with Public Verifiability,” in Advances in Cryptology – ASIACRYPT 2012, ser. Lecture Notes in Computer Science, X. Wang and K. Sako, Eds. Berlin, Heidelberg: Springer, 2012, pp. 681–698.

[17] S. Goldwasser, S. Micali, and C. Rackoff, “The Knowledge Complexity of Interactive Proof Systems,” SIAM Journal on Computing, vol. 18, no. 1, pp. 186–208, Feb. 1989.

[18] ZKProof, “ZKProof community reference. Version 0.3,” zkproof.org, Tech. Rep., Jul. 2022.

[19] C. P. Schnorr, “Efficient Identification and Signatures for Smart Cards,” in Advances in Cryptology — CRYPTO’ 89 Proceedings, ser. Lecture Notes in Computer Science, G. Brassard, Ed. New York, NY: Springer, 1990, pp. 239–252.

[20] A. Fiat and A. Shamir, “How To Prove Yourself: Practical Solutions to Identification and Signature Problems,” in Advances in Cryptology — CRYPTO’ 86, ser. Lecture Notes in Computer Science, A. M. Odlyzko, Ed. Berlin, Heidelberg: Springer, 1987, pp. 186–194.

[21] B. Parno, J. Howell, C. Gentry, and M. Raykova, “Pinocchio: Nearly Practical Verifiable Computation,” in 2013 IEEE Symposium on Security and Privacy. Berkeley, CA, USA: IEEE, May 2013, pp. 238–252.

[22] J. Groth, “On the Size of Pairing-Based Non-interactive Arguments,” in Advances in Cryptology – EUROCRYPT 2016, ser. Lecture Notes in Computer Science, M. Fischlin and J.-S. Coron, Eds. Berlin, Heidelberg: Springer, 2016, pp. 305–326.

[23] A. Chiesa, Y. Hu, M. Maller, P. Mishra, N. Vesely, and N. Ward, “Marlin: Preprocessing zkSNARKs with Universal and Updatable SRS,” in Advances in Cryptology – EUROCRYPT 2020, ser. Lecture Notes in Computer Science, A. Canteaut and Y. Ishai, Eds. Cham: Springer International Publishing, 2020, pp. 738–768.

[24] A. Gabizon, Z. J. Williamson, and O. Ciobotaru, “PLONK: Permutations over Lagrange-bases for Oecumenical Noninteractive arguments of Knowledge,” 2019. [Online]. Available: https: //eprint.iacr.org/2019/953

[25] B. Bunz, J. Bootle, D. Boneh, A. Poelstra, P. Wuille, and ¨ G. Maxwell, “Bulletproofs: Short Proofs for Confidential Transactions and More,” in 2018 IEEE Symposium on Security and Privacy (SP). San Francisco, CA, USA: IEEE, May 2018, pp. 315–334.

[26] B. Bunz, S. Agrawal, M. Zamani, and D. Boneh, “Zether: Towards ¨ Privacy in a Smart Contract World,” in Financial Cryptography and Data Security, ser. Lecture Notes in Computer Science, J. Bonneau and N. Heninger, Eds. Cham: Springer International Publishing, 2020, pp. 423–443.

[27] T. Attema and R. Cramer, “Compressed Σ-Protocol Theory and Practical Application to Plug & Play Secure Algorithmics,” in Advances in Cryptology – CRYPTO 2020, ser. Lecture Notes in Computer Science, D. Micciancio and T. Ristenpart, Eds. Cham: Springer International Publishing, 2020, pp. 513–543.

[28] J. Thaler, “Proofs, Arguments, and Zero-Knowledge,” Foundations and Trends® in Privacy and Security, vol. 4, no. 2–4, pp. 117–660, Dec. 2022.

[29] ZKProof, “ZKProof Wiki of Concrete ZKP Schemes,” 2022. [Online]. Available: https://docs.zkproof.org/schemes

[30] D. Beaver, “Efficient Multiparty Protocols Using Circuit Randomization,” in Advances in Cryptology — CRYPTO ’91, ser. Lecture Notes in Computer Science, J. Feigenbaum, Ed. Berlin, Heidelberg: Springer, 1992, pp. 420–432.

[31] A. Shamir, “How to share a secret,” Communications of the ACM, vol. 22, no. 11, pp. 612–613, Nov. 1979.

[32] I. Damgard, V. Pastro, N. Smart, and S. Zakarias, “Multiparty Com- ˚ putation from Somewhat Homomorphic Encryption,” in Advances in Cryptology – CRYPTO 2012, ser. Lecture Notes in Computer Science, R. Safavi-Naini and R. Canetti, Eds. Berlin, Heidelberg: Springer, 2012, pp. 643–662.

[33] M. Keller, E. Orsini, and P. Scholl, “MASCOT: Faster Malicious Arithmetic Secure Computation with Oblivious Transfer,” in Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’16. New York, NY, USA: Association for Computing Machinery, Oct. 2016, pp. 830–842.

[34] M. Keller, “MP-SPDZ: A Versatile Framework for Multi-Party Computation,” 2020. [Online]. Available: https://eprint.iacr.org/ 2020/521

[35] A. C.-C. Yao, “How to generate and exchange secrets,” in 27th Annual Symposium on Foundations of Computer Science (Sfcs 1986). Toronto, ON, Canada: IEEE, Oct. 1986, pp. 162–167.

[36] Y. Ishai, J. Kilian, K. Nissim, and E. Petrank, “Extending Oblivious Transfers Efficiently,” in Advances in Cryptology - CRYPTO 2003, ser. Lecture Notes in Computer Science, D. Boneh, Ed. Berlin, Heidelberg: Springer, 2003, pp. 145–161.

[37] D. Beaver, S. Micali, and P. Rogaway, “The Round Complexity of Secure Protocols,” in Proceedings of the Twenty-Second Annual ACM Symposium on Theory of Computing, ser. STOC ’90. New York, NY, USA: Association for Computing Machinery, Apr. 1990, pp. 503–513.

[38] D. Demmler, T. Schneider, and M. Zohner, “ABY - A Framework for Efficient Mixed-Protocol Secure Two-Party Computation,” in Proceedings 2015 Network and Distributed System Security Symposium. San Diego, CA: Internet Society, 2015, pp. 1–15.

[39] P. Mohassel and P. Rindal, “ABY3: A Mixed Protocol Framework for Machine Learning,” in Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’18. New York, NY, USA: Association for Computing Machinery, Oct. 2018, pp. 35–52.

[40] C. Baum, I. Damgard, and C. Orlandi, “Publicly Auditable Secure ˚ Multi-Party Computation,” in Security and Cryptography for Networks, ser. Lecture Notes in Computer Science, M. Abdalla and R. De Prisco, Eds. Cham: Springer International Publishing, 2014, pp. 175–196.

[41] Z. Brakerski and V. Vaikuntanathan, “Efficient Fully Homomorphic Encryption from (Standard) LWE,” in 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science. Palm Springs, CA, USA: IEEE, Oct. 2011, pp. 97–106.

[42] F. Armknecht, C. Boyd, C. Carr, K. Gjøsteen, A. Jaschke, ¨ C. A. Reuter, and M. Strand, “A Guide to Fully Homomorphic Encryption,” 2015. [Online]. Available: https://eprint.iacr.org/2015/ 1192

[43] C. Gentry, “Fully homomorphic encryption using ideal lattices,” in Proceedings of the Forty-First Annual ACM Symposium on Theory of Computing, ser. STOC ’09. New York, NY, USA: Association for Computing Machinery, May 2009, pp. 169–178.

[44] G. Asharov, A. Jain, A. Lopez-Alt, E. Tromer, V. Vaikuntanathan, ´ and D. Wichs, “Multiparty Computation with Low Communication, Computation and Interaction via Threshold FHE,” in Advances in Cryptology – EUROCRYPT 2012, ser. Lecture Notes in Computer Science, D. Pointcheval and T. Johansson, Eds. Berlin, Heidelberg: Springer, 2012, pp. 483–501.

[45] A. Jain, P. M. R. Rasmussen, and A. Sahai, “Threshold Fully Homomorphic Encryption,” 2017. [Online]. Available: https://eprint.iacr.org/2017/257

[46] M. Chenal and Q. Tang, “On Key Recovery Attacks Against Existing Somewhat Homomorphic Encryption Schemes,” in Progress in Cryptology - LATINCRYPT 2014, ser. Lecture Notes in Computer Science, D. F. Aranha and A. Menezes, Eds. Cham: Springer International Publishing, 2015, pp. 239–258.

[47] R. Dahab, S. Galbraith, and E. Morais, “Adaptive Key Recovery Attacks on NTRU-Based Somewhat Homomorphic Encryption Schemes,” in Information Theoretic Security, ser. Lecture Notes in Computer Science, A. Lehmann and S. Wolf, Eds. Cham: Springer International Publishing, 2015, pp. 283–296.

[48] B. Chaturvedi, A. Chakraborty, A. Chatterjee, and D. Mukhopadhyay, “A Practical Full Key Recovery Attack on TFHE and FHEW by Inducing Decryption Errors,” 2022. [Online]. Available: https://eprint.iacr.org/2022/1563

[49] A. Chiesa, D. Ojha, and N. Spooner, “Fractal: Post-quantum and Transparent Recursive Proofs from Holography,” in Advances in Cryptology – EUROCRYPT 2020, ser. Lecture Notes in Computer Science, A. Canteaut and Y. Ishai, Eds. Cham: Springer International Publishing, 2020, pp. 769–793.

[50] B. Bunz, B. Fisch, and A. Szepieniec, “Transparent SNARKs from ¨ DARK Compilers,” in Advances in Cryptology – EUROCRYPT 2020, ser. Lecture Notes in Computer Science, A. Canteaut and Y. Ishai, Eds. Cham: Springer International Publishing, 2020, pp. 677–706.

[51] T. Bontekoe, M. Everts, and A. Peter, “Balancing privacy and accountability in digital payment methods using zk-SNARKs,” in 2022 19th Annual International Conference on Privacy, Security & Trust (PST). Fredericton, NB, Canada: IEEE, Aug. 2022, pp. 1–10.

[52] F. Engelmann, T. Kerber, M. Kohlweiss, and M. Volkhov, “Zswap: Zk-SNARK Based Non-Interactive Multi-Asset Swaps,” Proceedings on Privacy Enhancing Technologies, vol. 2022, no. 4, pp. 507–527, 2022. [Online]. Available: https://petsymposium.org/ popets/2022/popets-2022-0120.php

[53] A. Kosba, A. Miller, E. Shi, Z. Wen, and C. Papamanthou, “Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts,” in 2016 IEEE Symposium on Security and Privacy (SP). San Jose, CA, USA: IEEE, May 2016, pp. 839–858.

[54] S. Bowe, A. Chiesa, M. Green, I. Miers, P. Mishra, and H. Wu, “ZEXE: Enabling Decentralized Private Computation,” in 2020 IEEE Symposium on Security and Privacy (SP). San Francisco, CA, USA: IEEE, May 2020, pp. 947–964.

[55] B. Berger and H. Cho, “Emerging technologies towards enhancing privacy in genomic data sharing,” Genome Biology, vol. 20, no. 1, p. 128, Jul. 2019.

[56] M. M. A. Aziz, M. N. Sadat, D. Alhadidi, S. Wang, X. Jiang, C. L. Brown, and N. Mohammed, “Privacy-preserving techniques of genomic data—a survey,” Briefings in Bioinformatics, vol. 20, no. 3, pp. 887–895, May 2019.

[57] A. Mohammed Yakubu and Y.-P. P. Chen, “Ensuring privacy and security of genomic data and functionalities,” Briefings in Bioinformatics, vol. 21, no. 2, pp. 511–526, Mar. 2020.

[58] T.-T. Kuo, X. Jiang, H. Tang, X. Wang, T. Bath, D. Bu, L. Wang, A. Harmanci, S. Zhang, D. Zhi, H. J. Sofia, and L. Ohno-Machado, “iDASH secure genome analysis competition 2018: Blockchain genomic data access logging, homomorphic encryption on GWAS, and DNA segment searching,” BMC Medical Genomics, vol. 13, no. 7, p. 98, Jul. 2020.

[59] T.-T. Kuo, X. Jiang, H. Tang, X. Wang, A. Harmanci, M. Kim, K. Post, D. Bu, T. Bath, J. Kim, W. Liu, H. Chen, and L. OhnoMachado, “The evolving privacy and security concerns for genomic data analysis and sharing as observed from the iDASH competition,” Journal of the American Medical Informatics Association, vol. 29, no. 12, pp. 2182–2190, Dec. 2022.

[60] iDASH, “IDASH PRIVACY & SECURITY WORKSHOP 2023 - secure genome analysis competition - Home.” [Online]. Available: http://www.humangenomeprivacy.org/2023/

[61] F. Turkmen, M. R. Asghar, and Y. Demchenko, “iGenoPri: Privacypreserving genomic data processing with integrity and correctness proofs,” in 2016 14th Annual Conference on Privacy, Security and Trust (PST). Auckland, New Zealand: IEEE, Dec. 2016, pp. 407– 410.

[62] J. Zhang, M. He, G. Zeng, and S.-M. Yiu, “Privacy-preserving verifiable elastic net among multiple institutions in the cloud,” Journal of Computer Security, vol. 26, no. 6, pp. 791–815, Jan. 2018.

[63] D. Lu, M. Li, Y. Liao, G. Tao, and H. Cai, “Verifiable PrivacyPreserving Queries on Multi-Source Dynamic DNA Datasets,” IEEE Transactions on Cloud Computing, vol. 11, no. 2, pp. 1927–1939, Apr. 2023.

[64] X. Chen, L. F. Zhang, and J. Liu, “Verifiable Homomorphic Secret Sharing for Low Degree Polynomials,” IEEE Transactions on Dependable and Secure Computing, vol. 20, no. 4, pp. 2882–2895, Jul. 2023.

[65] L. Visscher, M. Alghazwi, D. Karastoyanova, and F. Turkmen, “Poster: Privacy-preserving Genome Analysis using Verifiable OffChain Computation,” in Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’22. New York, NY, USA: Association for Computing Machinery, Nov. 2022, pp. 3475–3477.

[66] D. Joseph, R. Misoczki, M. Manzano, J. Tricot, F. D. Pinuaga, O. Lacombe, S. Leichenauer, J. Hidary, P. Venables, and R. Hansen, “Transitioning organizations to post-quantum cryptography,” Nature, vol. 605, no. 7909, pp. 237–243, May 2022.

[67] J. D. Cohen and M. J. Fischer, “A robust and verifiable cryptographically secure election scheme,” in 26th Annual Symposium on Foundations of Computer Science (Sfcs 1985), Oct. 1985, pp. 372– 382.

[68] D. Chaum, “Secret-ballot receipts: True voter-verifiable elections,” IEEE Security & Privacy, vol. 2, no. 1, pp. 38–47, Jan. 2004.

[69] J. Groth, “Non-interactive Zero-Knowledge Arguments for Voting,” in Applied Cryptography and Network Security, ser. Lecture Notes in Computer Science, J. Ioannidis, A. Keromytis, and M. Yung, Eds. Berlin, Heidelberg: Springer, 2005, pp. 467–482.

[70] S. Panja and B. Roy, “A secure end-to-end verifiable e-voting system using blockchain and cloud server,” Journal of Information Security and Applications, vol. 59, p. 102815, Jun. 2021.

[71] A. Antoniou, C. Korakas, C. Manolopoulos, A. Panagiotaki, D. Sofotassios, P. Spirakis, and Y. C. Stamatiou, “A Trust-Centered Approach for Building E-Voting Systems,” in Electronic Government, ser. Lecture Notes in Computer Science, M. A. Wimmer, J. Scholl, and A. Gr ˚ onlund, Eds. Berlin, Heidelberg: Springer, 2007, pp. ¨ 366–377.

[72] M. Rivinius, P. Reisert, D. Rausch, and R. Kuesters, “Publicly Accountable Robust Multi-Party Computation,” 2022. [Online]. Available: https://eprint.iacr.org/2022/436

[73] A. Viand, C. Knabenhans, and A. Hithnawi, “Verifiable Fully Homomorphic Encryption,” Feb. 2023.

[74] Q. Lou, M. Santriaji, A. W. B. Yudha, J. Xue, and Y. Solihin, “vFHE: Verifiable Fully Homomorphic Encryption with Blind Hash,” Mar. 2023.

[75] E. Cuvelier and O. Pereira, “Verifiable Multi-party Computation with ´ Perfectly Private Audit Trail,” in Applied Cryptography and Network Security, ser. Lecture Notes in Computer Science, M. Manulis, A.- R. Sadeghi, and S. Schneider, Eds. Cham: Springer International Publishing, 2016, pp. 367–385.

[76] M. Dutta, C. Ganesh, S. Patranabis, and N. Singh, “Compute, but Verify: Efficient Multiparty Computation over Authenticated Inputs,” 2022. [Online]. Available: https://eprint.iacr.org/2022/1648

[77] M. Veeningen, “Pinocchio-Based Adaptive zk-SNARKs and Secure/Correct Adaptive Function Evaluation,” in Progress in Cryptology - AFRICACRYPT 2017, ser. Lecture Notes in Computer Science, M. Joye and A. Nitaj, Eds. Cham: Springer International Publishing, 2017, pp. 21–39.

[78] S. Kanjalkar, Y. Zhang, S. Gandlur, and A. Miller, “Publicly Auditable MPC-as-a-Service with succinct verification and universal setup,” in 2021 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). Vienna, Austria: IEEE, Sep. 2021, pp. 386–411.

[79] A. Ozdemir and D. Boneh, “Experimenting with Collaborative zk-SNARKs: Zero-Knowledge Proofs for Distributed Secrets,” in 31st USENIX Security Symposium (USENIX Security 22). Boston, MA: USENIX Association, Aug. 2022, pp. 4291–4308. [Online]. Available: https://www.usenix.org/conference/ usenixsecurity22/presentation/ozdemir

[80] L. Schabhuser, D. Butin, D. Demirel, and J. Buchmann, “Function- ¨ Dependent Commitments for Verifiable Multi-party Computation,” in Information Security, ser. Lecture Notes in Computer Science, L. Chen, M. Manulis, and S. Schneider, Eds. Cham: Springer International Publishing, 2018, pp. 289–307.

[81] F. Baldimtsi, A. Kiayias, T. Zacharias, and B. Zhang, “Crowd Verifiable Zero-Knowledge and End-to-End Verifiable Multiparty Computation,” in Advances in Cryptology – ASIACRYPT 2020, ser. Lecture Notes in Computer Science, S. Moriai and H. Wang, Eds. Cham: Springer International Publishing, 2020, pp. 717–748.

[82] R. Cunningham, B. Fuller, and S. Yakoubov, “Catching MPC Cheaters: Identification and Openability,” 2016. [Online]. Available: https://eprint.iacr.org/2016/611

[83] PRIViLEDGE project, “Revision of Extended Core Protocols,” HORIZON 2020, Public Deliverable D3.3, Jun. 2021. [Online]. Available: https://media.voog.com/0000/0042/1115/files/D3. 3%20-%20Revision%20of%20Extended%20Core%20Protocols.pdf

[84] B. Schoenmakers and M. Veeningen, “Universally Verifiable Multiparty Computation from Threshold Homomorphic Cryptosystems,” in Applied Cryptography and Network Security, ser. Lecture Notes in Computer Science, T. Malkin, V. Kolesnikov, A. B. Lewko, and M. Polychronakis, Eds. Cham: Springer International Publishing, 2015, pp. 3–22.

[85] C. Baum, E. Orsini, P. Scholl, and E. Soria-Vazquez, “Efficient Constant-Round MPC with Identifiable Abort and Public Verifiability,” in Advances in Cryptology – CRYPTO 2020, ser. Lecture Notes in Computer Science, D. Micciancio and T. Ristenpart, Eds. Cham: Springer International Publishing, 2020, pp. 562–592.

[86] C. Ganesh, A. Nitulescu, and E. Soria-Vazquez, “Rinocchio: SNARKs for Ring Arithmetic,” 2021. [Online]. Available: https: //eprint.iacr.org/2021/322

[87] D. Fiore, R. Gennaro, and V. Pastro, “Efficiently Verifiable Computation on Encrypted Data,” in Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’14. New York, NY, USA: Association for Computing Machinery, Nov. 2014, pp. 844–855.

[88] D. Fiore, A. Nitulescu, and D. Pointcheval, “Boosting Verifiable Computation on Encrypted Data,” in Public-Key Cryptography – PKC 2020, ser. Lecture Notes in Computer Science, A. Kiayias, M. Kohlweiss, P. Wallden, and V. Zikas, Eds. Cham: Springer International Publishing, 2020, pp. 124–154.

[89] R. Gennaro, C. Gentry, and B. Parno, “Non-interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers,” in Advances in Cryptology – CRYPTO 2010, ser. Lecture Notes in Computer Science, T. Rabin, Ed. Berlin, Heidelberg: Springer, 2010, pp. 465–482.

[90] D. Natarajan, A. Loveless, W. Dai, and R. Dreslinski, “CHEXMIX: Combining Homomorphic Encryption with Trusted Execution Environments for Two-party Oblivious Inference in the Cloud,” 2021. [Online]. Available: https://eprint.iacr.org/2021/1603

[91] R. Gennaro and D. Wichs, “Fully Homomorphic Message Authenticators,” in Advances in Cryptology - ASIACRYPT 2013, ser. Lecture Notes in Computer Science, K. Sako and P. Sarkar, Eds. Berlin, Heidelberg: Springer, 2013, pp. 301–320.

[92] D. Catalano and D. Fiore, “Practical Homomorphic MACs for Arithmetic Circuits,” in Advances in Cryptology – EUROCRYPT 2013, ser. Lecture Notes in Computer Science, T. Johansson and P. Q. Nguyen, Eds. Berlin, Heidelberg: Springer, 2013, pp. 336– 352.

[93] S. Chatel, C. Knabenhans, A. Pyrgelis, and J.-P. Hubaux, “Verifiable Encodings for Secure Homomorphic Analytics,” Jul. 2022.

[94] S. Li, X. Wang, and R. Zhang, “Privacy-Preserving Homomorphic MACs with Efficient Verification,” in Web Services – ICWS 2018, ser. Lecture Notes in Computer Science, H. Jin, Q. Wang, and L.-J. Zhang, Eds. Cham: Springer International Publishing, 2018, pp. 100–115.

[95] A. Bois, I. Cascudo, D. Fiore, and D. Kim, “Flexible and Efficient Verifiable Computation on Encrypted Data,” 2020. [Online]. Available: https://eprint.iacr.org/2020/1526

[96] R. Cheng, F. Zhang, J. Kos, W. He, N. Hynes, N. Johnson, A. Juels, A. Miller, and D. Song, “Ekiden: A Platform for ConfidentialityPreserving, Trustworthy, and Performant Smart Contracts,” in 2019 IEEE European Symposium on Security and Privacy (EuroS&P). Stockholm, Sweden: IEEE, Jun. 2019, pp. 185–200.

[97] R. Cramer, I. Damgard, and J. B. Nielsen, “Multiparty Computation ˚ from Threshold Homomorphic Encryption,” in Advances in Cryptology — EUROCRYPT 2001, ser. Lecture Notes in Computer Science, B. Pfitzmann, Ed. Berlin, Heidelberg: Springer, 2001, pp. 280–300.

[98] Z. Brakerski and V. Vaikuntanathan, “Fully Homomorphic Encryption from Ring-LWE and Security for Key Dependent Messages,” in Advances in Cryptology – CRYPTO 2011, ser. Lecture Notes in Computer Science, P. Rogaway, Ed. Berlin, Heidelberg: Springer, 2011, pp. 505–524.

[99] Z. Brakerski, C. Gentry, and V. Vaikuntanathan, “(Leveled) fully homomorphic encryption without bootstrapping,” in Proceedings of the 3rd Innovations in Theoretical Computer Science Conference, ser. ITCS ’12. New York, NY, USA: Association for Computing Machinery, Jan. 2012, pp. 309–325.

[100] D. J. Bernstein, “Pippenger’s Exponentiation Algorithm,” Jan. 2002, unpublished manuscript. [Online]. Available: https://cr.yp.to/papers/ pippenger-20020118-retypeset20220327.pdf

[101] I. T. L. Computer Security Division, “Post-Quantum Cryptography,” Jan. 2017. [Online]. Available: https://csrc.nist.gov/projects/ post-quantum-cryptography

[102] M. Backes, M. Barbosa, D. Fiore, and R. M. Reischuk, “ADSNARK: Nearly Practical and Privacy-Preserving Proofs on Authenticated Data,” 2014. [Online]. Available: https://eprint.iacr.org/2014/617

[103] J. Bartusek, S. Garg, D. Masny, and P. Mukherjee, “Reusable TwoRound MPC from DDH,” in Theory of Cryptography, ser. Lecture Notes in Computer Science, R. Pass and K. Pietrzak, Eds. Cham: Springer International Publishing, 2020, pp. 320–348.

[104] C. Harth-Kitzerow, G. Carle, F. Fei, A. Luckow, and J. Klepsch, “CRGC – A Practical Framework for Constructing Reusable Garbled Circuits,” May 2022.