Advertisement

Low communication 2-prover zero-knowledge proofs for NP

Preliminary Version
  • Cynthia Dwork
  • Uri Feige
  • Joe Kilian
  • Moni Naor
  • Muli Safra
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 740)

Abstract

We exhibit a two-prover perfect zero-knowledge proof system for 3-SAT. In this protocol, the verifier asks a single message to each prover, whose size grows logarithmically in the size of the 3-SAT formula. Each prover’s answer consists of only a constant number of bits. The verifier will always accept correct proofs. Given an unsatisfiable formula S the verifier will reject with probability at least Ω((|S|-max-sat(S))/|S|, where max-sat(S) denotes the maximum number of clauses of S that may be simultaneously satisfied, and |S| denotes the total number of clauses of S. Using a recent result by Arora et al [2], we can construct for any language in NP a protocol with the property that any non-member of the language be rejected with constant probability.

Keywords

Proof System Input String Random String Satisfying Assignment Robust Form 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    N. Alon, J. H. Spencer, The Probabilistic Method, John Wiley & Sons, New-York, 1992.zbMATHGoogle Scholar
  2. 2.
    S. Arora, C. Lund, R. Motwani, M. Szegedy and M. Sudan, Proof Verification and the Hardness of Approximations, Proc. 33rd IEEE Symp. on Foundation of Computer Science, 1992, to appear.Google Scholar
  3. 3.
    S. Arora and M. Safra Probabilistic Checking of Proofs Proc. 33rd IEEE Symp. on Foundation of Computer Science, 1992, to appear.Google Scholar
  4. 4.
    L. Babai, L. Fortnow, L. Levin and M. Szegedy Checking Computations in Polylogarithmic Time Proc. 23rd ACM Symposium on Theory of Computing, 1991, pp. 21–31.Google Scholar
  5. 5.
    L. Babai, L. Fortnow, C. Lund, Non-Deterministic. Exponential Time has Two-Prover Interactive Protocols, Proc. 31st IEEE Symp. on Foundation of Computer Science, 1990, pp. 16–25.Google Scholar
  6. 6.
    D. A. Barrington, Bounded-Width Polynomial-Size Branching Programs Recognize Exactly Those Languages in NC 1, JCSS (38), 1989, pp. 150–164.zbMATHMathSciNetGoogle Scholar
  7. 7.
    M. Ben-or, S. Goldwasser, J. Kilian, A. Wigderson, Multi Prover Interactive Proofs: How to Remove Intractability, Proc. 20th ACM Symposium on Theory of Computing, 1988, pp. 113–131.Google Scholar
  8. 8.
    J. Cai, A. Condon, R. Lipton, On Bounded Round Multi-Prover Interactive Proof Systems, Proc. of Structure in Complexity, 1990, pp. 45–54.Google Scholar
  9. 9.
    J. Cai, A. Condon, R. Lipton, Playing Games of Incomplete Information, STACS 1990.Google Scholar
  10. 10.
    J. Cai, A. Condon, R. Lipton, PSPACE is Provable by Two Provers in One Round, Proc. Structure in Complexity, 1991, pp. 110–115.Google Scholar
  11. 11.
    U. Feige, On the Success Probability of the Two Provers in One Round Proof Systems, Proc. Structure in Complexity, 1991, pp. 116–123.Google Scholar
  12. 12.
    U. Feige, S. Goldwasser, L. Lovasz, M. Safra, M. Szegedy, “Approximating Clique is Almost NP-Complete”, Proc. 32nd IEEE Symp. on Foundation of Computer Science, 1991, pp. 2–12.Google Scholar
  13. 13.
    U. Feige and L. Lovasz, Two-Provers One Round Proof Systems: Their Power and Their Problems, Proc. 24th ACM Symposium on Theory of Computing, 1992Google Scholar
  14. 14.
    L. Fortnow, J. Rompel, M. Sipser, On the Power of Multi-Prover Interactive Protocols, Proc. of Structure in Complexity 1988, pp. 156–161. Erratum in Proc. Structure in Complexity, 1990, pp. 318–319.Google Scholar
  15. 15.
    J. Kilian, Use of Randomness in Algorithms and Protocols, MIT Press, 1990.Google Scholar
  16. 16.
    J. Kilian, Strong Separation Models of Multi Prover Interactive Proofs, DIMACS Workshop on Cryptography, October 1990.Google Scholar
  17. 17.
    J. Kilian, A Note on Efficient Zero-Knowledge Proofs and Arguments, Proc. 24th ACM Symposium on Theory of Computing, 1992Google Scholar
  18. 18.
    D. Lapidot, A. Shamir, A One-Round, Two-Prover, Zero-Knowledge Protocol for NP, Crypto’91 abstracts.Google Scholar
  19. 19.
    D. Lapidot, A. Shamir, Fully Parallelized Multi Prover Protocols for NEXP-time Proc. 32nd IEEE Symp. on Foundation of Computer Science, 1991, pp. 13–18.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1993

Authors and Affiliations

  • Cynthia Dwork
    • 1
  • Uri Feige
    • 2
  • Joe Kilian
    • 3
  • Moni Naor
    • 1
  • Muli Safra
    • 1
  1. 1.IBM Research DivisionAlmaden Research CenterAlmaden
  2. 2.IBM Research DivisionT. J. Watson Research CenterUSA
  3. 3.NEC ResearchUSA

Personalised recommendations