I had heard of this paper but reading a summary now makes me link the idea with secure verifiable computing [1]. This is basically the same base idea where A wants to send a program to B so that B can use the program but not know what it does. In the case of the original article, you want B to get back the results by himself (like in a conventional application).<p>However, there is another approach where B is just an untrusted third party where you want to outsource the computation. In other words, A wants to get back the result and check it, without B knowing anything of it. There is actually a(n almost) generic construction that allows that [2]. In short, you consider the boolean circuit of what you want to compute and transform it so that the inputs are keys necessary to unroll the computation, until getting the encrypted result. More specifically, step 1 gets the input keys and compute some new key (amongst several possible); step 2 use this key for next computation and so on.<p>On the one hand, this constructions are very neat because they give us a better understanding of what we can do with cryptography. On the other hand, they can be a little frightening because they are the theoretical grail for DRMs and such.<p>[1] <a href="https://en.wikipedia.org/wiki/Verifiable_computing" rel="nofollow">https://en.wikipedia.org/wiki/Verifiable_computing</a><p>[2] Part 1 of <i>A Proof of Security of Yao's Protocol for Two-Party Computation</i>, <a href="http://eprint.iacr.org/2004/175.pdf" rel="nofollow">http://eprint.iacr.org/2004/175.pdf</a>