Secure outsourcing of computation to an untrusted (cloud) service provider is becoming more and more important. Pure cryptographic
solutions based on fully homomorphic and verifiable encryption, recently proposed, are promising but suffer from very high
latency. Other proposals perform the whole computation on tamper-proof hardware and usually suffer from the same problem.
Trusted computing (TC) is another promising approach that uses trusted software and hardware components on computing platforms
to provide useful mechanisms such as attestation allowing the data owner to verify the integrity of the cloud and its computation.
However, on the one hand these solutions require trust in hardware (CPU, trusted computing modules) that is under the physical
control of the cloud provider, and on the other hand they still have to face the challenge of run-time attestation.
In this paper we focus on applications where the latency of the computation should be minimized, i.e., the time from submitting
the query until receiving the outcome of the computation should be as small as possible. To achieve this we show how to combine
a trusted hardware token (e.g., a cryptographic coprocessor or a token provided by the customer) with Secure Function Evaluation (SFE)
to compute arbitrary functions on secret (encrypted) data where the computation leaks no information and is verifiable. The
token is used in the setup phase only whereas in the time-critical online phase the cloud computes the encrypted function
on encrypted data using symmetric encryption primitives only and without any interaction with other entities.
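The split between a setup phase and a symmetric-only online phase can be seen in a small sketch, added here as an example and not taken from the paper. It assumes SFE is instantiated with Yao-style garbled circuits using point-and-permute and SHA-256 as the symmetric primitive; the function names and the circuit (a AND b) XOR c are hypothetical.

```python
import hashlib, secrets

LABEL_LEN = 16  # random bytes per wire label; one extra byte carries the select bit

def _pad(ka, kb, gate_id):
    # Symmetric primitive only: SHA-256 as a key-derivation function.
    return hashlib.sha256(ka + kb + gate_id.to_bytes(4, "big")).digest()[:LABEL_LEN + 1]

def _xor(x, y):
    return bytes(a ^ b for a, b in zip(x, y))

def new_wire():
    # Two random labels (for bit 0 and bit 1) with opposite select bits.
    p = secrets.randbits(1)
    return [secrets.token_bytes(LABEL_LEN) + bytes([p]),
            secrets.token_bytes(LABEL_LEN) + bytes([p ^ 1])]

def garble_gate(fn, wa, wb, wout, gate_id):
    # Setup phase (the trusted token's role in this sketch): encrypt each output
    # label under the matching pair of input labels, ordered by select bits.
    table = [None] * 4
    for a in (0, 1):
        for b in (0, 1):
            ka, kb = wa[a], wb[b]
            table[2 * ka[-1] + kb[-1]] = _xor(_pad(ka, kb, gate_id), wout[fn(a, b)])
    return table

def eval_gate(table, ka, kb, gate_id):
    # Online phase (cloud): one hash and one XOR per gate, no keys, no interaction.
    return _xor(_pad(ka, kb, gate_id), table[2 * ka[-1] + kb[-1]])

def setup():
    # Garble the constructed circuit (a AND b) XOR c.
    wires = {n: new_wire() for n in ("a", "b", "c", "t", "out")}
    tables = [garble_gate(lambda x, y: x & y, wires["a"], wires["b"], wires["t"], 0),
              garble_gate(lambda x, y: x ^ y, wires["t"], wires["c"], wires["out"], 1)]
    return wires, tables

def encode(wires, a, b, c):
    return wires["a"][a], wires["b"][b], wires["c"][c]

def cloud_eval(tables, ka, kb, kc):
    return eval_gate(tables[1], eval_gate(tables[0], ka, kb, 0), kc, 1)

def decode(wires, label):
    # Client-side verification: only the two valid output labels are accepted.
    if label not in wires["out"]:
        raise ValueError("invalid output label")
    return wires["out"].index(label)
```

Each garbled circuit is good for a single evaluation; a second query needs a fresh call to `setup()`.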
Keywords: Cloud Computing - Hardware Token - Outsourcing
Supported by EU FP7 projects CACE and UNIQUE, and ECRYPT II.