ABSTRACT
In this work we study interactive proofs for tractable languages. The (honest) prover should be efficient and run in polynomial time, or in other words a "muggle". The verifier should be super-efficient and run in nearly-linear time. These proof systems can be used for delegating computation: a server can run a computation for a client and interactively prove the correctness of the result. The client can verify the result's correctness in nearly-linear time (instead of running the entire computation itself).

Previously, related questions were considered in the Holographic Proof setting by Babai, Fortnow, Levin and Szegedy, in the argument setting under computational assumptions by Kilian, and in the random oracle model by Micali. Our focus, however, is on the original interactive proof model where no assumptions are made on the computational power or adaptiveness of dishonest provers.

Our main technical theorem gives a public coin interactive proof for any language computable by a log-space uniform boolean circuit with depth d and input length n. The verifier runs in time (n+d) · polylog(n) and space O(log(n)), the communication complexity is d · polylog(n), and the prover runs in time poly(n). In particular, for languages computable by log-space uniform NC (circuits of polylog(n) depth), the prover is efficient, the verifier runs in time n · polylog(n) and space O(log(n)), and the communication complexity is polylog(n).

Using this theorem we make progress on several questions:

1. We show how to construct short (polylog size) computationally sound non-interactive certificates of correctness for any log-space uniform NC computation, in the public-key model. The certificates can be verified in quasi-linear time and are for a designated verifier: each certificate is tailored to the verifier's public key. This result uses a recent transformation of Kalai and Raz from public-coin interactive proofs to one-round arguments. The soundness of the certificates is based on the existence of a PIR scheme with polylog communication.
2. Interactive proofs with public-coin, log-space, poly-time verifiers for all of P. This settles an open question regarding the expressive power of proof systems with such verifiers.
3. Zero-knowledge interactive proofs with communication complexity that is quasi-linear in the witness length for any NP language verifiable in NC, based on the existence of one-way functions.
4. Probabilistically checkable arguments (a model due to Kalai and Raz) of size polynomial in the witness length (rather than the instance length) for any NP language verifiable in NC, under computational assumptions.

REFERENCES
- ET, phone SETI@home! Science@NASA headlines, 1999.
- The Great Internet Mersenne Prime Search, project webpage. http://www.mersenne.org/, 2007.
- SETI@home project website. http://setiathome.berkeley.edu/, 2007.
- M. Agrawal, N. Kayal, and N. Saxena. PRIMES is in P. Annals of Mathematics, 160(2):781--793, 2004.
- D. P. Anderson. Public computing: Reconnecting people to science. In Conference on Shared Knowledge and the Web, 2003.
- D. P. Anderson. BOINC: A system for public-resource computing and storage. In GRID, pages 4--10, 2004.
- S. Arora, C. Lund, R. Motwani, M. Sudan, and M. Szegedy. Proof verification and hardness of approximation problems. In FOCS, pages 14--23, 1992.
- S. Arora and S. Safra. Probabilistic checking of proofs: a new characterization of NP. Journal of the ACM, 45(1):70--122, 1998.
- L. Babai. Trading group theory for randomness. In STOC, pages 421--429, 1985.
- L. Babai, L. Fortnow, L. A. Levin, and M. Szegedy. Checking computations in polylogarithmic time. In STOC, pages 21--31, 1991.
- L. Babai, L. Fortnow, and C. Lund. Non-deterministic exponential time has two-prover interactive protocols. In FOCS, pages 16--25, 1990.
- B. Barak and O. Goldreich. Universal arguments and their applications. In CCC, pages 194--203, 2002.
- R. Beigel, M. Bellare, J. Feigenbaum, and S. Goldwasser. Languages that are easier than their proofs. In FOCS, pages 19--28, 1991.
- M. Ben-Or, O. Goldreich, S. Goldwasser, J. Håstad, J. Kilian, S. Micali, and P. Rogaway. Everything provable is provable in zero-knowledge. In CRYPTO, pages 37--56, 1988.
- M. Ben-Or, S. Goldwasser, J. Kilian, and A. Wigderson. Multi-prover interactive proofs: How to remove intractability assumptions. In STOC, pages 113--131, 1988.
- E. Ben-Sasson, O. Goldreich, P. Harsha, M. Sudan, and S. P. Vadhan. Robust PCPs of proximity, shorter PCPs and applications to coding. In STOC, pages 1--10, 2004.
- E. Ben-Sasson, O. Goldreich, P. Harsha, M. Sudan, and S. P. Vadhan. Short PCPs verifiable in polylogarithmic time. In CCC, pages 120--134, 2005.
- M. Blum. How to prove a theorem so no-one else can claim it. In Proceedings of the International Congress of Mathematicians, pages 1444--1451, 1987.
- M. Blum and S. Kannan. Designing programs that check their work. Journal of the ACM, 42(1):269--291, 1995.
- C. Cachin, S. Micali, and M. Stadler. Computationally private information retrieval with polylogarithmic communication. In EUROCRYPT, pages 402--414, 1999.
- R. Canetti, O. Goldreich, and S. Halevi. The random oracle methodology, revisited. Journal of the ACM, 51(4):557--594, 2004.
- A. Condon. Space-bounded probabilistic game automata. Journal of the ACM, 38(2):472--494, 1991.
- A. Condon and R. E. Ladner. Probabilistic game automata. Journal of Computer and System Sciences, 36(3):452--489, 1988.
- A. Condon and R. J. Lipton. On the complexity of space bounded interactive proofs (extended abstract). In FOCS, pages 462--467, 1989.
- I. Dinur. The PCP theorem by gap amplification. Journal of the ACM, 54(3):12, 2007.
- C. Dwork, M. Naor, O. Reingold, and L. J. Stockmeyer. Magic functions. Journal of the ACM, 50(6):852--921, 2003.
- C. Dwork and L. J. Stockmeyer. Finite state verifiers I: The power of interaction. Journal of the ACM, 39(4):800--828, 1992.
- C. Dwork and L. J. Stockmeyer. Finite state verifiers II: Zero knowledge. Journal of the ACM, 39(4):829--858, 1992.
- U. Feige, S. Goldwasser, L. Lovász, S. Safra, and M. Szegedy. Interactive proofs and the hardness of approximating cliques. Journal of the ACM, 43(2):268--292, 1996.
- U. Feige and J. Kilian. Making games short (extended abstract). In Proceedings of the 29th Annual ACM Symposium on Theory of Computing, pages 506--516, 1997.
- A. Fiat and A. Shamir. How to prove yourself: Practical solutions to identification and signature problems. In CRYPTO, pages 186--194, 1986.
- L. Fortnow. Complexity-theoretic aspects of interactive proof systems. PhD thesis. Technical Report MIT/LCS/TR-447, Massachusetts Institute of Technology, 1989.
- L. Fortnow and C. Lund. Interactive proof systems and alternating time-space complexity. Theoretical Computer Science, 113(1):55--73, 1993.
- O. Goldreich, S. Micali, and A. Wigderson. Proofs that yield nothing but their validity, or all languages in NP have zero-knowledge proof systems. Journal of the ACM, 38(1):691--729, 1991.
- S. Goldwasser, D. Gutfreund, A. Healy, T. Kaufman, and G. N. Rothblum. Verifying and decoding in constant depth. In STOC, pages 440--449, 2007.
- S. Goldwasser and Y. T. Kalai. On the (in)security of the Fiat-Shamir paradigm. In FOCS, pages 102--, 2003.
- S. Goldwasser, S. Micali, and C. Rackoff. The knowledge complexity of interactive proof-systems. SIAM Journal on Computing, 18(1):186--208, 1989.
- J. Håstad, R. Impagliazzo, L. Levin, and M. Luby. A pseudorandom generator from any one-way function. SIAM Journal on Computing, 28(4):1364--1396, 1999.
- Y. Ishai, E. Kushilevitz, R. Ostrovsky, and A. Sahai. Zero-knowledge from secure multiparty computation. In STOC, pages 21--30, 2007.
- Y. Ishai and A. Paskin. Evaluating branching programs on encrypted data. In TCC, pages 575--594, 2007.
- Y. T. Kalai and R. Raz. Interactive PCP. Technical Report TR07-031, ECCC, 2007.
- Y. T. Kalai and R. Raz. Probabilistically checkable arguments. Manuscript, 2007.
- J. Kilian. Zero-knowledge with log-space verifiers. In FOCS, pages 25--35, 1988.
- J. Kilian. A note on efficient zero-knowledge proofs and arguments (extended abstract). In STOC, pages 723--732, 1992.
- J. Kilian. Improved efficient arguments (preliminary version). In CRYPTO, pages 311--324, 1995.
- E. Kushilevitz and R. Ostrovsky. Replication is not needed: Single database, computationally-private information retrieval. In FOCS, pages 364--373, 1997.
- N. Linial, Y. Mansour, and N. Nisan. Constant depth circuits, Fourier transform, and learnability. Journal of the ACM, 40(3):607--620, 1993.
- H. Lipmaa. An oblivious transfer protocol with log-squared communication. In ISC, pages 314--328, 2005.
- C. Lund, L. Fortnow, H. Karloff, and N. Nisan. Algebraic methods for interactive proof systems. Journal of the ACM, 39(4):859--868, 1992.
- S. Micali. CS proofs (extended abstract). In FOCS, pages 436--453, 1994.
- M. Naor. Bit commitment using pseudo randomness. In CRYPTO, pages 128--136, 1989.
- A. Polishchuk and D. A. Spielman. Nearly-linear size holographic proofs. In STOC, pages 194--203, 1994.
- A. Shamir. IP = PSPACE. Journal of the ACM, 39(4):869--877, 1992.