two problems

1. Is it possible for a remote server to prove that the software it runs is what it claims to run to the client.

2. Is it possible for a piece of software to operate on encrypted content in such a way that the owner of the machine cannot know what the software is doing, and no information about the data being processed is exposed?

1. No.
2. Fuck you
3. I have not even read your post
4. Fuck you

WTH IS THIS THOUGHTS AND PATTERNS
STOP BRANI CUNT FEEL TANASIN

>>1
1. No, virtual machine
2. No, physically impossible

>>2
If you didn't find >>1 interesting enough to read, what makes you think >>2 would be?

>>5
DUDE WAT

Some people, when confronted with two problems, think "I know, I'll ask /prog/." Now they still have two problems.

FUVKING BRONIES
DEY RUN EVRYTHING

>>1
With all DRM errthang. That's the future Intel wants, and if you stick with x86, the future they'll get.

>>8
agreed
worse than narutarfds

>>9
that's what happens when you listen to Cudder the twice-anused
I laugh at your retardness

>>1 not super-clear, but lets see..
1. the server could send a hash of the executable... (not very foolproof as is, it could run a different program, and just send the hash of the one it should be running..)
2. freenet kind of does this (but it doesn't do much of any processing, just stores & retrieves encrypted data)

>>12
Typical dumb goy.

>>12
I'd expect 1 to be impossible. Since you are communicating with a device over a network, all you know is the input and output. I guess the closest thing is to trust the server and use authentication to verify its identity. And besides, you can never know what other devices may be listening in the middle anyway.

2 sounds reasonable when the operation is storing and retrieving data. I suppose if there was any other type of operation, the encryption function would need to be an isomorphism for whatever the function was.

let enc be the encryption function.
let k the encryption key.
let d1, d2 be two plain text data elements.
let f be some operation defined on the data elements.
let d3 = f(d1,d2).

find an operation defined on the encrypted data elements, g, such that:

c1 = enc(k,d1)
c2 = enc(k,d2)
c3 = enc(k,d3)
= enc(k,f(d1,d2))
= g(enc(k,d1),enc(k,d2))
= g(c1,c2)

Client encrypts d1, d2, and creates a g for f. Then the client gives the server, g, c1, c2. Server computes c3 using c1, c2, and g, and sends c3 back to the client. client decrypts c3. client uses le cloud without sacrificing privacy.

But knowing g, c1, and c2, you must not be able to infer what d1, d2, f, or d3 are.

>>14 encrypted instruction sets come to mind, but i haven't really looked at how they work.. Probably just another feature for viruses..

Maybe if the server's memory was completely open and observable (read only) through the network you'd have half a chance..? if All operations could be verified..

two words: treacherous computing.

Two more interesting words: homomorphic encryption. It's what >>1-kun would have asked about if he had any clue about anything.

>>17
Two more interesting words: homomorphic encryption.
Encryption that hates gays? Check ur privilege!

>>15
encrypted instruction sets come to mind, but i haven't really looked at how they work.. Probably just another feature for viruses..

Yeah, that just sounds like obfuscation to me. Unless of course the decryption of instructions is done at the hardware level, at a point on the chip that would be difficult to access without destroying it.. But that's more useful to DRM. I'm looking for a solution to 1 to make a server that can prove it acts in your interest. Maybe even give a boost to servers that can prove they run open source software. 2 is for using le cloud without giving le cloud owner all of your le data.

Maybe if the server's memory was completely open and observable (read only) through the network you'd have half a chance..? if All operations could be verified..

Yeah, that's the thing. Since you are getting this memory information from the server, how do you know the server isn't just running what it needs in order to report the correct information to you, while also running something else in background without your knowledge? Without ownership of the hardware, you can't know what has been installed.

>>16
Eh?

>>17
Thank you. One step closer to having a clue, I am.

>>19 hm i think i saw something about this once, might've been called something like secure distributed computing? Basically, you need a bunch (or at least a few) servers doing redundant operations, and as long as they aren't all comprimised, the bad ones should be detected if their operations don't match the good (correct) operations.. Though if you assign an operation to two bad servers, they might conspire and give you a bad result..

secure distributed dubs

encrypted instruction sets
JEWS