ABSTRACT
In this work we study interactive proofs for tractable languages. The (honest) prover should be efficient and run in polynomial time, or in other words be a "muggle". The verifier should be super-efficient and run in nearly-linear time. These proof systems can be used for delegating computation: a server can run a computation for a client and interactively prove the correctness of the result. The client can verify the result's correctness in nearly-linear time (instead of running the entire computation itself). Previously, related questions were considered in the Holographic Proof setting by Babai, Fortnow, Levin and Szegedy, in the argument setting under computational assumptions by Kilian, and in the random oracle model by Micali. Our focus, however, is on the original interactive proof model, where no assumptions are made on the computational power or adaptiveness of dishonest provers.

Our main technical theorem gives a public-coin interactive proof for any language computable by a log-space uniform boolean circuit with depth d and input length n. The verifier runs in time (n + d) · polylog(n) and space O(log(n)), the communication complexity is d · polylog(n), and the prover runs in time poly(n). In particular, for languages computable by log-space uniform NC (circuits of polylog(n) depth), the prover is efficient, the verifier runs in time n · polylog(n) and space O(log(n)), and the communication complexity is polylog(n).

Using this theorem we make progress on several questions:

- We show how to construct short (polylog size) computationally sound non-interactive certificates of correctness for any log-space uniform NC computation, in the public-key model. The certificates can be verified in quasi-linear time and are for a designated verifier: each certificate is tailored to the verifier's public key. This result uses a recent transformation of Kalai and Raz from public-coin interactive proofs to one-round arguments. The soundness of the certificates is based on the existence of a PIR scheme with polylog communication.
- Interactive proofs with public-coin, log-space, poly-time verifiers for all of P. This settles an open question regarding the expressive power of proof systems with such verifiers.
- Zero-knowledge interactive proofs with communication complexity that is quasi-linear in the witness length, for any NP language verifiable in NC, based on the existence of one-way functions.
- Probabilistically checkable arguments (a model due to Kalai and Raz) of size polynomial in the witness length (rather than the instance length) for any NP language verifiable in NC, under computational assumptions.
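An added illustration, not code from the paper: the sum-check protocol of Lund, Fortnow, Karloff and Nisan (in the reference list), the standard public-coin building block from which interactive proofs of this kind are assembled. The prover does the exponential work of summing a multilinear polynomial g over the boolean hypercube; the verifier does constant work per round, tosses one public coin, and finishes with a single evaluation of g, and a prover who tries to sell a wrong sum is rejected with overwhelming probability. The field modulus, the sample polynomial and the cheating strategy are constructed for this example.

```python
import random

P = 2**61 - 1  # constructed: prime modulus of the field the protocol works over

def eval_multilinear(coeffs, x):
    """g(x) for a multilinear g given as {bitmask of variables: coefficient}."""
    total = 0
    for mask, c in coeffs.items():
        term = c
        for i, xi in enumerate(x):
            if mask >> i & 1:
                term = term * xi % P
        total = (total + term) % P
    return total

def hypercube_sum(coeffs, n):
    """What the verifier would pay without a prover: all 2^n boolean evaluations."""
    return sum(eval_multilinear(coeffs, [(b >> i) & 1 for i in range(n)])
               for b in range(2 ** n)) % P

def honest_prover(coeffs, n, fixed):
    """Round message (g_j(0), g_j(1)): variable j set to 0 or 1, later ones summed out."""
    rest = n - len(fixed) - 1
    return tuple(sum(eval_multilinear(coeffs, fixed + [v] + [(b >> i) & 1 for i in range(rest)])
                     for b in range(2 ** rest)) % P for v in (0, 1))

def make_cheating_prover(false_sum):
    """Constructed dishonest prover: bends round 1 to fit a false sum, then answers honestly."""
    def prover(coeffs, n, fixed):
        s0, s1 = honest_prover(coeffs, n, fixed)
        return (s0, (false_sum - s0) % P) if not fixed else (s0, s1)
    return prover

def sumcheck_verify(coeffs, n, claimed_sum, prover, seed=1):
    """Public-coin verifier: O(1) work per round, then one evaluation of g."""
    rng, claim, fixed = random.Random(seed), claimed_sum % P, []
    for _ in range(n):
        s0, s1 = prover(coeffs, n, fixed)
        if (s0 + s1) % P != claim:          # message must agree with the running claim
            return False
        r = rng.randrange(P)                 # public coin for this round
        claim = (s0 + (s1 - s0) * r) % P     # g_j is linear in X_j, so this is g_j(r)
        fixed.append(r)
    return eval_multilinear(coeffs, fixed) == claim  # spot check at the random point

# Constructed sample: g = 5 + 2*x0 + 7*x1*x2 + x0*x1*x2 over three boolean variables.
COEFFS, N = {0b000: 5, 0b001: 2, 0b110: 7, 0b111: 1}, 3
```

The verifier's final evaluation of g is the step the paper's protocol makes cheap for circuit computations; here it is done directly, which is fine for a small g.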
References
- ET, phone SETI@home!. SETI@home headlines, 1999.
- The Great Internet Mersenne Prime Search, project webpage. http://www.mersenne.org/, 2007.
- SETI@home project website. http://setiathome.berkeley.edu/, 2007.
- M. Agrawal, N. Kayal, and N. Saxena. PRIMES is in P. Annals of Mathematics, 160(2):781--793, 2004.
- D. P. Anderson. Public computing: Reconnecting people to science. In Conference on Shared Knowledge and the Web, 2003.
- D. P. Anderson. BOINC: A system for public-resource computing and storage. In GRID, pages 4--10, 2004.
- S. Arora, C. Lund, R. Motwani, M. Sudan, and M. Szegedy. Proof verification and hardness of approximation problems. In FOCS, pages 14--23, 1992.
- S. Arora and S. Safra. Probabilistic checking of proofs: a new characterization of NP. Journal of the ACM, 45(1):70--122, 1998.
- L. Babai. Trading group theory for randomness. In STOC, pages 421--429, 1985.
- L. Babai, L. Fortnow, L. A. Levin, and M. Szegedy. Checking computations in polylogarithmic time. In STOC, pages 21--31, 1991.
- L. Babai, L. Fortnow, and C. Lund. Non-deterministic exponential time has two-prover interactive protocols. In FOCS, pages 16--25, 1990.
- B. Barak and O. Goldreich. Universal arguments and their applications. In CCC, pages 194--203, 2002.
- R. Beigel, M. Bellare, J. Feigenbaum, and S. Goldwasser. Languages that are easier than their proofs. In FOCS, pages 19--28, 1991.
- M. Ben-Or, O. Goldreich, S. Goldwasser, J. Håstad, J. Kilian, S. Micali, and P. Rogaway. Everything provable is provable in zero-knowledge. In CRYPTO, pages 37--56, 1988.
- M. Ben-Or, S. Goldwasser, J. Kilian, and A. Wigderson. Multi-prover interactive proofs: How to remove intractability assumptions. In STOC, pages 113--131, 1988.
- E. Ben-Sasson, O. Goldreich, P. Harsha, M. Sudan, and S. P. Vadhan. Robust PCPs of proximity, shorter PCPs and applications to coding. In STOC, pages 1--10, 2004.
- E. Ben-Sasson, O. Goldreich, P. Harsha, M. Sudan, and S. P. Vadhan. Short PCPs verifiable in polylogarithmic time. In CCC, pages 120--134, 2005.
- M. Blum. How to prove a theorem so no-one else can claim it. In Proceedings of the International Congress of Mathematicians, pages 1444--1451, 1987.
- M. Blum and S. Kannan. Designing programs that check their work. Journal of the ACM, 42(1):269--291, 1995.
- C. Cachin, S. Micali, and M. Stadler. Computationally private information retrieval with polylogarithmic communication. In EUROCRYPT, pages 402--414, 1999.
- R. Canetti, O. Goldreich, and S. Halevi. The random oracle methodology, revisited. Journal of the ACM, 51(4):557--594, 2004.
- A. Condon. Space-bounded probabilistic game automata. Journal of the ACM, 38(2):472--494, 1991.
- A. Condon and R. E. Ladner. Probabilistic game automata. Journal of Computer and System Sciences, 36(3):452--489, 1988.
- A. Condon and R. J. Lipton. On the complexity of space bounded interactive proofs (extended abstract). In FOCS, pages 462--467, 1989.
- I. Dinur. The PCP theorem by gap amplification. Journal of the ACM, 54(3):12, 2007.
- C. Dwork, M. Naor, O. Reingold, and L. J. Stockmeyer. Magic functions. Journal of the ACM, 50(6):852--921, 2003.
- C. Dwork and L. J. Stockmeyer. Finite state verifiers I: The power of interaction. Journal of the ACM, 39(4):800--828, 1992.
- C. Dwork and L. J. Stockmeyer. Finite state verifiers II: Zero knowledge. Journal of the ACM, 39(4):829--858, 1992.
- U. Feige, S. Goldwasser, L. Lovász, S. Safra, and M. Szegedy. Interactive proofs and the hardness of approximating cliques. Journal of the ACM, 43(2):268--292, 1996.
- U. Feige and J. Kilian. Making games short (extended abstract). In Proceedings of the 29th Annual ACM Symposium on Theory of Computing, pages 506--516, 1997.
- A. Fiat and A. Shamir. How to prove yourself: Practical solutions to identification and signature problems. In CRYPTO, pages 186--194, 1986.
- L. Fortnow. Complexity-theoretic aspects of interactive proof systems. PhD thesis, Technical Report MIT/LCS/TR-447, Massachusetts Institute of Technology, 1989.
- L. Fortnow and C. Lund. Interactive proof systems and alternating time-space complexity. Theoretical Computer Science, 113(1):55--73, 1993.
- O. Goldreich, S. Micali, and A. Wigderson. Proofs that yield nothing but their validity, or all languages in NP have zero-knowledge proof systems. Journal of the ACM, 38(1):691--729, 1991.
- S. Goldwasser, D. Gutfreund, A. Healy, T. Kaufman, and G. N. Rothblum. Verifying and decoding in constant depth. In STOC, pages 440--449, 2007.
- S. Goldwasser and Y. T. Kalai. On the (in)security of the Fiat-Shamir paradigm. In FOCS, pages 102--, 2003.
- S. Goldwasser, S. Micali, and C. Rackoff. The knowledge complexity of interactive proof-systems. SIAM Journal on Computing, 18(1):186--208, 1989.
- J. Håstad, R. Impagliazzo, L. Levin, and M. Luby. A pseudorandom generator from any one-way function. SIAM Journal on Computing, 28(4):1364--1396, 1999.
- Y. Ishai, E. Kushilevitz, R. Ostrovsky, and A. Sahai. Zero-knowledge from secure multiparty computation. In STOC, pages 21--30, 2007.
- Y. Ishai and A. Paskin. Evaluating branching programs on encrypted data. In TCC, pages 575--594, 2007.
- Y. T. Kalai and R. Raz. Interactive PCP. Technical Report TR07-031, ECCC, 2007.
- Y. T. Kalai and R. Raz. Probabilistically checkable arguments. Manuscript, 2007.
- J. Kilian. Zero-knowledge with log-space verifiers. In FOCS, pages 25--35, 1988.
- J. Kilian. A note on efficient zero-knowledge proofs and arguments (extended abstract). In STOC, pages 723--732, 1992.
- J. Kilian. Improved efficient arguments (preliminary version). In CRYPTO, pages 311--324, 1995.
- E. Kushilevitz and R. Ostrovsky. Replication is not needed: Single database, computationally-private information retrieval. In FOCS, pages 364--373, 1997.
- N. Linial, Y. Mansour, and N. Nisan. Constant depth circuits, Fourier transform, and learnability. Journal of the ACM, 40(3):607--620, 1993.
- H. Lipmaa. An oblivious transfer protocol with log-squared communication. In ISC, pages 314--328, 2005.
- C. Lund, L. Fortnow, H. Karloff, and N. Nisan. Algebraic methods for interactive proof systems. Journal of the ACM, 39(4):859--868, 1992.
- S. Micali. CS proofs (extended abstract). In FOCS, pages 436--453, 1994.
- M. Naor. Bit commitment using pseudo randomness. In CRYPTO, pages 128--136, 1989.
- A. Polishchuk and D. A. Spielman. Nearly-linear size holographic proofs. In STOC, pages 194--203, 1994.
- A. Shamir. IP = PSPACE. Journal of the ACM, 39(4):869--877, 1992.
Delegating computation: interactive proofs for muggles