Probabilistically Checkable Arguments

  • Yael Tauman Kalai
  • Ran Raz
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5677)


We give a general reduction that converts any public-coin interactive proof into a one-round (two-message) argument. The reduction relies on a method proposed by Aiello et al. [1], of using a Private-Information-Retrieval (PIR) scheme to collapse rounds in interactive protocols. For example, the reduction implies that for any security parameter t, the membership in any language in PSPACE can be proved by a one-round (two-message) argument of size poly(n,t), which is sound for malicious provers of size 2t. (Note that the honest prover in this construction runs in exponential time, since she has to prove membership in PSPACE, but we can choose t such that 2t is significantly larger than the running time of the honest prover).

A probabilistically checkable argument (PCA) is a relaxation of the notion of probabilistically checkable proof (PCP). It is defined analogously to PCP, except that the soundness property is required to hold only computationally. We consider the model where the argument is of one round (two-message), where the verifier’s message depends only on his (private) randomness. We show that for membership in many NP languages, there are PCAs (with efficient honest provers) that are of size polynomial in the size of the witness. This compares to the best PCPs that are of size polynomial in the size of the instance (that may be significantly larger). The number of queries to these PCAs is poly-logarithmic.

The soundness property, in all our results, relies on exponential hardness assumptions for PIR schemes.


  1. 1.
    Aiello, W., Bhatt, S.N., Ostrovsky, R., Rajagopalan, S.: Fast Verification of Any Remote Procedure Call: Short Witness-Indistinguishable One-Round Proofs for NP. In: Welzl, E., Montanari, U., Rolim, J.D.P. (eds.) ICALP 2000. LNCS, vol. 1853, p. 463. Springer, Heidelberg (2000) (manuscript withdrown by the authors prior to ICALP)CrossRefGoogle Scholar
  2. 2.
    Arora, S., Lund, C., Motwani, R., Sudan. M., Szegedy, M.: Proof Verification and Hardness of Approximation Problems. In: FOCS 1992, pp. 14–23 (1992); also in J. ACM 45(3), 501–555 (1998)Google Scholar
  3. 3.
    Arora, S., Safra, S.: Probabilistic Checking of Proofs: A New Characterization of NP. In: FOCS 1992, pp. 2–13 (1992); also in J. ACM 45(1), 70–122 (1998)Google Scholar
  4. 4.
    Barak, B.: How to Go Beyond the Black-Box Simulation Barrier. In: FOCS 2001, pp. 106–115 (2001)Google Scholar
  5. 5.
    Babai, L., Fortnow, L., Lund, C.: Non-Deterministic Exponential Time has Two-Prover Interactive Protocols. In: FOCS 1990, pp. 16–25 (1990); also In Computational Complexity 1, 3–40 (1991)Google Scholar
  6. 6.
    Cachin, C., Micali, S., Stadler, M.: Computationally Private Information Retrieval with Polylogarithmic Communication. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 402–414. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  7. 7.
    Chor, B., Kushilevitz, E., Goldreich, O., Sudan, M.: Private Information Retrieval. J. ACM 45(6), 965–981 (1998)MathSciNetCrossRefMATHGoogle Scholar
  8. 8.
    Damgard, I., Fazio, N., Nicolosi, A.: Non-interactive Zero-Knowledge from Homomorphic Encryption. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 41–59. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  9. 9.
    Dwork, C., Langberg, M., Naor, M., Nissim, K., Reingold, O.: Succinct Proofs for NP and Spooky Interactions (unpublished manuscript)Google Scholar
  10. 10.
    Feige, U., Goldwasser, S., Lovasz, L., Safra, S., Szegedy, M.: Interactive Proofs and the Hardness of Approximating Cliques. In: FOCS 1991, pp. 2–12 (1991); also in J. ACM 43(2), 268–292 (1996)Google Scholar
  11. 11.
    Fiat, A., Shamir, A.: How to Prove Yourself: Practical Solutions to Identification and Signature Problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)CrossRefGoogle Scholar
  12. 12.
    Fortnow, L., Santhanam, R.: Infeasibility of Instance Compression and Succinct PCPs for NP. In: STOC 2008, pp. 133–142 (2008)Google Scholar
  13. 13.
    Goldwasser, S., Kalai, Y.T.: On the (In)security of the Fiat-Shamir Paradigm. In: FOCS 2003 (2003)Google Scholar
  14. 14.
    Goldwasser, S., Kalai, Y.T., Rothblum, G.: Delegating Computation: Interactive Proofs for Muggles. In: FOCS 2007, pp. 113–122 (2007)Google Scholar
  15. 15.
    Harnik, H., Naor, M.: On the Compressibility of NP instances and Cryptographic Applications. In: FOCS 2006, pp. 719–728 (2006)Google Scholar
  16. 16.
    Kushilevitz, E., Ostrovsky, R.: Replication is NOT Needed: SINGLE Database, Computationally-Private Information Retrieval. In: FOCS 1997, pp. 364–373 (1997)Google Scholar
  17. 17.
    Kalai, Y.T., Raz, R.: Succinct Non-Interactive Zero-Knowledge Proofs with Preprocessing for LOGSNP. In: FOCS 2006, pp. 355–366 (2006)Google Scholar
  18. 18.
    Kalai, Y.T., Raz, R.: Interactive PCP. In: Aceto, L., Damgård, I., Goldberg, L.A., Halldórsson, M.M., Ingólfsdóttir, A., Walukiewicz, I. (eds.) ICALP 2008, Part II. LNCS, vol. 5126, pp. 536–547. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  19. 19.
    Kilian, J.: A note on efficient zero-knowledge proofs and arguments. In: STOC 1992, pp. 723–732 (1992)Google Scholar
  20. 20.
    Lund, C., Fortnow, L., Karloff, H.J., Nisan, N.: Algebraic Methods for Interactive Proof Systems. In: FOCS 1990, pp. 2–10 (1990); also in J. ACM 39(4), 859–868 (1992)Google Scholar
  21. 21.
    Micali, S.: CS Proofs (Extended Abstracts). In: FOCS 1994, pp. 436–453 (1994)Google Scholar
  22. 22.
    Shamir, A.: IP=PSPACE. J. ACM 39(4), 869–877 (1992)MathSciNetCrossRefMATHGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Yael Tauman Kalai
    • 1
  • Ran Raz
    • 2
  1. 1.Microsoft ResearchUSA
  2. 2.Weizmann InstituteUSA

Personalised recommendations