Abstract
Outsourced middlebox services have drawn broad attentions recently from both industry and academia [1]. Despite benefiting enterprises from reduced cost and increased service scalability, such services also introduce acute security concerns, because these boxes are no longer under direct control of enterprises. Among others, one fundamental and immediate requirement is to ensure that those middleboxes always perform network functions truthfully and correctly [2]. Fulfilling this requirement will extend enterprises' visibility into remote middleboxes and promote further adoption of middlebox outsourcing services. Unfortunately, to our best knowledge, little work investigates the above problem, i.e., making network functions executed by middleboxes verifiable.