Verification key Y of this system consists of 2n lines of length n, and is selected randomly.
To generate the verification key, it is needed to use the function f 2n time.
They took inspiration from Benabbas et al.'s  VC scheme to use pseudorandom function that enjoys closed form efficiency to generate the verification key efficiently, and they generalized the function to multivariate case.
(ii) ProbGen(PP, [SK.sub.F], x) [right arrow] ([[sigma].sub.x], [VK.sub.x], [RK.sub.x]): Given the public parameter PP, the secret key [SK.sub.F], and the input value x [member of] Domain(F), the randomized problem generation algorithm outputs a public value [[sigma].sub.x], which is the encoding of x, together with a public verification key [VK.sub.x] for nonclient parties to verify the correctness and a private retrieval key [RK.sub.x] for the client to retrieve final result F(x).
It is reasonable to assume that the verification key for each entity is publicly available.
Set-ReKey(par, [??], [??]), (i [not equal to] j): Let [??] be the verification key of proxy [P.sub.i], to generate a re-encryption key for the proxy [P.sub.i], the entity with identifier [id.sub.i] selects [r.sub.i] [[member of].sub.R] [Z.sup.*.sub.q], [K.sub.i] [[member of].sub.R] [G.sub.2] and computes [R.SUB.1.sup.(i)] = [r.sub.i]P, [??], [??], [??], [??],
wants to send Alice money sends it to her verification key
, which she
(ii) ProbGen([PK.sub.F], [omega], G): on input [PK.sub.F], any (pilot or non- pilot) vessel can use it to encode an input [omega] into a problem description [[sigma].sub.[omega],G], as well as outputting a verification key
In our security model, we explicitly specify the encryption algorithm to output a ciphertext together with a verification key
. The verification key
resists modification and serves as an auxiliary input of the decryption algorithm to check the correctness of the outsourced computation.
However, all the fuzzy signature schemes proposed so far are not robust since the user's biometric data can be directly recovered from the (public) verification key
or signature .
The server avoids reuse of the same token by verifying the freshness of the token using a verification key
given by the ETA.