有別於當紅的雲端運算計算架構由中央主機控管所有運算資源，近年提出的霧運算(fog computing)則為分散式運算系統。它是個更貼近於使用者端的異質性運算架構，因為無中央控制節點，所以必需具備自組織的運作架構。同時，最近興起的區塊鍊(blockchain)共識機制則提供了一個新的分散式運算架構典範。區塊鍊源於比特幣(Bitcoin)的分散式電子帳本技術。不同於傳統的電子金流由中央系統所監控，比特幣藉由區塊鍊機制維持分散式帳本運作，所以可以在對等式網路中提供等同於網路銀行的交易服務，本論文首先探討利用區塊鍊機制維持整個霧運算平台的資訊完整性和資訊可用性。
區塊鍊依靠挖礦行為產生共識，礦工付出一定的運算能力來產生工作量證明，藉以產生難以偽造的區塊鍊共識資料。然而，原有的工作量證明機制所運算出的結果僅是為了產生難以偽照的共識帳本，並沒有實值上解決任何運算任務，這造成大量的運算資源浪費。
本篇論文提出任務量證明機制(proof of assignment)，藉由改進比特幣工作量證明(proof of work)演算法，並且結合分散式的基因演算法，將要解決的任務編碼成基因體資訊。霧運算平台可在挖礦的過程中解決運算複雜度為NP的問題，將傳統分散式電子貨幣浪費的運算資源轉換成可被利用的霧運算資源。不同於傳統霧運算平台欠缺中央控制機制，本論文使用區塊鍊共識機制在霧運算平台達成傳統上需要中央集權式架構才能達成的資源控管，任何機構甚至雲端計算機房都可以提交自己的運算任務到此霧運算平台。建立在區塊鍊上的共識機制會自動競價與分配最有利可圖的運算任務給所有霧運算節點，且可自動切換任務配置、自動整合出最佳解。霧運算平台通常為異質性的運算架構，所以本平台也實作了通用圖形處理器(GPGPU)的延伸架構，藉由不同的APU硬體架構，加速運算任務的進行。
此公眾開放的霧運算平台必定有許多資訊安全上的疑慮，為了達成整個系統的高安全性，整個霧運算平台需確保資訊的機密性(Confidentiality)和完整性(integrity)、有效性(availability)，也就是所謂的CIA。本論文使用了區塊鍊當作共識機制解決拜占庭將軍問題，藉此達成了資訊完整性和系統可用性，另外改進和實作了全同態加密(fully homomorphic encryption)，讓資訊可以在公眾平台上計算，但又能夠確保資訊的機密性。全同態加密法的架構源自於西元2009年由Gentry所提出，它讓加密後的密文執行特定的運算後，再將其解密即可得出該對應的明文運算結果。利用全同態運算可直接運算處理加密過後的數據，但又可以得出正確無誤的結果，在運算過程中都不需對數據進行解密，此技術能解決將數據委託給公眾霧運算平台的安全性問題，所以我們將此技術改良應用在本霧運算平台。因而，本平台的機密性、完整性和可用性將可獲得大幅改進，實驗也用CIA準則此來證明本系統資安機制的防護強度。
最後本論文以工作量證明和Block Verifiable Homomorphic Encryption實作了一個霧運算平台，並且設計了數十個實驗實證此平台的可擴展性、穩定性、有效性和各個應用下的資訊機密性。實證此平台的確達成了資訊安全CIA的三準則。

Beside recently high-profile cloud computing centrally controlling all the computing resource, fog computing platforms are distributed computing architecture without centralized servers. It is a heterogeneous computing architecture near end-user. Autonomous configuration ability is required because there is no central control point. At the same time, blockchain is introduces as a novel computing paradigm of distributed computation. Blockchain originated from the distributed ledger of Bitcoin. Unlike conventional electronic payment systems controlled by central authorities, Bitcoin maintains the distributed ledger with blockchain. As a result, Bitcoin is able to provide the service such as online distributed bank. This thesis proposes a fog computing platform which is controlled by blockcahin for information integrity and information availability.
Blockchain consensus emerges from so called mining. Miner cost their computation resource to generate their proof-of-work for counterfeit-resistant data of the blockcahin. However, the original proof-of-work is only for counterfeit-resistant distributed ledger. The results of proof-of-work mechanism are meaningless values in waste of participants’ computing resources.
This thesis proposes an enhanced proof-of-work algorithm, proof-of-assignment, which is combined with distributed genetic algorithms to encode assignments into chromosomes. Therefore, the proposed fog computing platform is able to solve NP problems in the process of mining. It turns the wasted computing resource of cryptocurrency into usable fog computing resource. Different form conventional fog computing platforms lack of central control, this thesis applies blockchain for resource coordination without a central server. Any users or cloud computing platforms are allowed submit assignments to this fog computing platform. The blockchain consensus dispatches the assignments to all the computing nodes in the fog computing platform according to the profit and cost. It switches the assignments automatically and integrates the optimal result. Since fog computing is a heterogeneous computing architecture, the proposed fog computing platform supporting GPGPU which utilize additional APUs to accelerate the computing.
There are many security issues in this public fog computing platform. It is necessary to ensure all aspects of information security including confidentially, integrity and availability. This thesis applies blockchain consensus for Byzantine generals problem. Homomorphic encryption system provides an excellent solution for confidential computing, which allows a worker without the secret decryption key to compute any result of the data on one hand and still keep the data privacy on the other hand. This thesis proposes a system that utilizes fully homomorphic computation to process the customer's encrypted data, and get the right result without the need to decrypt the data in the whole process, which accomplishes CIA triad in information security.

[1] D. P. Anderson, "Boinc: A system for public-resource computing and storage," in Fifth IEEE/ACM International Workshop on Grid Computing, 2004, Pittsburgh, USA, 2004.
[2] N. Satoshi, Bitcoin: A peer-to-peer electronic cash system, 2008.
[3] D. Cynthia and M. Naor., "Pricing via processing or combatting junk mail," in Annual International Cryptology Conference, Berlin Heidelberg, 1992.
[4] B. Adam., Hashcash-a denial of service counter-measure, 2002.
[5] L. Charles, Litecoin, 2011.
[6] C. Percival, Stronger key derivation via sequential memory-hard functions, 2009.
[7] K. Sunny., Primecoin: Cryptocurrency with prime number proof-of-work, 2013.
[8] S. John, D. Gohara and G. Shi, "OpenCL: A parallel programming standard for heterogeneous computing systems," Computing in science & engineering, vol. 12, pp. 66-73, 2013.
[9] HSA, "HSA foundation," 2016. [Online].
[10] D. Bouvier, B. Cohen, W. Fry, S. Godey and M. Mantor, "Kabini: An AMD Accelerated Processing Unit System on A Chip," IEEE Micro, vol. 34, pp. 22-33, 2014.
[11] P. Pascal., "Public-key cryptosystems based on composite degree residuosity classes," in International Conference on the Theory and Applications of Cryptographic Techniques, Springer Berlin Heidelberg, 1999.
[12] J. Bringer, H. Chabanne, M. Izabachène, D. Pointcheval, Q. Tang and S. Zimmer, "An Application of the Goldwasser-Micali Cryptosystem to Biometric Authentication," in Australasian Conference on Information Security and Privacy, Berlin Heidelberg, 2007.
[13] R. Rivest, A. Shamir and L. Adleman, "A method for obtaining digital signatures and public-key cryptosystems," Communications of the ACM, vol. 21, 1978.
[14] T. Elgamal, "A public key cryptosystem and a signature scheme based on discrete logarithms," IEEE Transactions on Information Theory, vol. 31, no. 4, pp. 469-472, 1985.
[15] R. Rivest, L. Adleman and M. Dertouzos, "On data banks and privacy homomorphisms," Foundations of secure computation, vol. 11, no. 4, 1978.
[16] D. Boneh, E.-J. Goh and K. Nissim, "Evaluating 2-DNF Formulas on Ciphertexts," in Theory of Cryptography, Berlin, Heidelberg, 2005.
[17] G. Craig and S. Halev, "Fully homomorphic encryption without squashing using depth-3 arithmetic circuits," in Foundations of Computer Science (FOCS), Palm Springs, CA, USA, 2011.
[18] R. Oded, "On lattices, learning with errors, random linear codes and cryptography," Journal of the ACM, vol. 56, no. 6, p. 34, 2009.
[19] P. Chris, "Public-key cryptosystems from the worst-case shortest vector problem," in ACM symposium on Theory of computing, New York, USA, 2009.
[20] P. Chris, "Lattice cryptography for the internet," in International Workshop on Post-Quantum Cryptography, Waterloo, ON, Canada, 2014.
[21] A. Yao, "Protocols for secure computations," in 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982), Chicago, IL, USA, 1982.
[22] A. Yao, "How to generate and exchange secrets," in 27th Annual Symposium on Foundations of Computer Science (sfcs 1986), Toronto, ON, Canada, 1986.
[23] Y. Lindell and B. Pinkas, "A Proof of Security of Yao’s Protocol for Two-Party Computation," Journal of Cryptology, vol. 22, no. 2, pp. 161-188, 2009.
[24] J. Holland, "Adaptation in natural and artificial systems: an introductory analysis with applications to biology, control, and artificial intelligence," MIT press, 1992.
[25] A. Genco and S. Lopes, "Genetic algorithms on distributed systems," WIT Transactions on Information and Communication Technologies, 1970.
[26] A. Kahate, Cryptography and network security, Tata McGraw-Hill Education, 2013.
[27] P. Rogaway, "Evaluation of some blockcipher modes of operation," Cryptography Research and Evaluation Committees (CRYPTREC), Japan, 2011.
[28] R. Gennaro, G. Craig and P. Bryan, "Non-interactive verifiable computing: Outsourcing computation to untrusted workers," in 30th Annual Cryptology Conference, Santa Barbara, CA, USA, 2010.
[29] B. Kreuter, A. Shelat and C.-H. Shen, "Billion-Gate Secure Computation with Malicious Adversaries," in USENIX Security Symposium, Bellevue, WA, USA, 2012.
[30] B. Pinkas, T. Schneider, N. Smart and S. Williams, "Secure Two-Party Computation Is Practical," in Advances in Cryptology ASIACRYPT 2009 , Tokyo, Japan, 2009.
[31] C.-h. Shen, "Two-output secure computation with malicious adversaries," in Annual International Conference on the Theory and Applications of Cryptographic Techniques, Berlin Heidelberg, 2011.
[32] L. Yehuda and B. Pinkas, "Secure two-party computation via cut-and-choose oblivious transfer," Journal of cryptology, vol. 25, no. 4, pp. 680-722, 2012.
[33] G. Reinelt, "TSPLIB—A traveling salesman problem library," ORSA journal on computing, vol. 3, no. 4, pp. 376-384, 1991.
[34] G. Hidalgo, J. María, E. Sánz and F. García, "Content based SMS spam filtering," in 2006 ACM symposium on Document engineering, New York, USA, 2006.
[35] N. I. o. S. a. T. (NIST), Advanced Encryption Standard, Federal Information Processing Standards, 2001.
[36] D. Joan and V. Rijmen, AES proposal: Rijndael, 1999.
[37] nVIDIA, "nVIDIA’s Next Generation CUDATM Compute Architecture," 2009. [Online]. Available: https://www.nvidia.com/content/PDF/fermi_white_papers/NVIDIAFermiComputeArchitectureWhitepaper.pdf.