Homomorphic encryption, which enables the execution of arithmetic operations directly on ciphertexts, is a promising solution for protecting privacy of cloud-delegated computations on sensitive data. However, the correctness of the computation result is not ensured. We propose two error detection encodings and build authenticators that enable practical client-verification of cloud-based homomorphic computations under different trade-offs and without compromising on the features of the encryption algorithm. Our authenticators operate on top of trending ring learning with errors based fully homomorphic encryption schemes over the integers. We implement our solution in VERITAS, a ready-to-use system for verification of outsourced computations executed over encrypted data. We show that contrary to prior work VERITAS supports verification of any homomorphic operation and we demonstrate its practicality for various applications, such as ride-hailing, genomic-data analysis, encrypted search, and machine-learning training and inference.

翻译：同态加密允许直接在密文上执行算术运算，是保护云端敏感数据计算隐私的有效解决方案。然而，该方案无法确保计算结果的正确性。本文提出两种错误检测编码方法，并构建了验证器，使得在不同权衡条件下能够对基于云端的同态计算进行实用的客户端验证，同时不损害加密算法的特性。我们的验证器构建于当前流行的基于整数环上误差学习的全同态加密方案之上。我们在VERITAS系统中实现了该方案，这是一个可直接用于验证加密数据外包计算的系统。研究表明，与先前工作不同，VERITAS支持对所有同态运算进行验证，并通过网约车服务、基因组数据分析、加密搜索以及机器学习训练与推理等多种应用场景证明了其实用性。