Batch Verification and Proofs of Proximity with Polylog Overhead

Part of the Lecture Notes in Computer Science book series (LNCS, volume 12551)

Abstract

Suppose Alice wants to convince Bob of the correctness of k \(\mathsf {NP}\) statements. Alice could send k witnesses to Bob, but as k grows the communication becomes prohibitive. Is it possible to convince Bob using smaller communication (without making cryptographic assumptions or bounding the computational power of a malicious Alice)? This is the question of batch verification for \(\mathsf {NP}\) statements. Our main result is a new interactive proof protocol for verifying the correctness of k \(\mathsf {UP}\) statements (\(\mathsf {NP}\) statements with a unique witness) using communication that is poly-logarithmic in k (and a fixed polynomial in the length of a single witness).

This result is obtained by making progress on a different question in the study of interactive proofs. Suppose Alice wants to convince Bob that a huge dataset has some property. Can this be done if Bob can’t even read the entire input? In other words, what properties can be verified in sublinear time? An Interactive Proof of Proximity guarantees that Bob accepts if the input has the property, and rejects if the input is far (say in Hamming distance) from having the property. Two central complexity measures of such a protocol are the query and communication complexities (which should both be sublinear). For every query parameter q, and for every language in logspace uniform \(\mathsf {NC}\), we construct an interactive proof of proximity with query complexity q and communication complexity \((n/q) \cdot \mathsf{polylog}(n)\).

Both results are optimal up to poly-logarithmic factors, under reasonable complexity-theoretic or cryptographic assumptions. The second result, which is our main technical contribution, builds on a distance amplification technique introduced in a beautiful recent work of Ben-Sasson, Kopparty and Saraf [CCC 2018].

In Memoriam: Uriel G. Rothblum

Notes

  1. Efficiency of the honest prover (given an \(\mathsf {NP}\) witness) has been central in the study of zero-knowledge interactive proofs [GMR89, GMW91]. It has also been central to the study of efficient batch verification in recent works [RRR16, RRR18].

  2. In particular, for simplicity and since it is sufficient for our results we consider a variant of \(\mathsf {PVAL}\) with respect to the multi-linear extension rather than a more general low degree extension considered in [RVW13].

  3. Recall that the multilinear extension \(\hat{f} : \mathbb {F}^m \rightarrow \mathbb {F}\) of \(f : \{0,1\}^m \rightarrow \mathbb {F}\) is the unique multilinear polynomial that agrees with f on \(\{0,1\}^m\). See Sect. 3.1 for details.

  4. Intuitively, the reason to use a random linear combination rather than some fixed combination such as \(f_0+f_1\) is avoiding (w.h.p) the possibility that the differences of \(f_0\) and \(f_1\) from their corresponding \(\mathsf {PVAL}\) instances (i.e. the 0/1 vectors that can be added to \(f_0\) and \(f_1\) to reach vectors in \(\mathsf {PVAL}\)) cancel each other out.
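The following sketch is an added illustration of notes 3 and 4, not code from the paper: it evaluates a multilinear extension and shows two inputs whose identical 0/1 differences cancel under the fixed combination \(f_0+f_1\) but not under other coefficients. The field (GF(2^8) with the AES reduction polynomial), the toy instance (a single constraint \(\hat{f}(J) = V\), checked for exact membership rather than distance) and all sample values are assumptions made for the example.

```python
import itertools

MOD = 0x11B  # assumption: GF(2^8) with the AES reduction polynomial

def gf_mul(a, b):
    """Multiply in GF(2^8); addition in this field is XOR."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= MOD
        b >>= 1
    return r

def mle(f, x):
    """Multilinear extension of f: {0,1}^m -> F, evaluated at x in F^m.
    f is a table of 2^m values in itertools.product((0, 1), repeat=m) order."""
    total = 0
    for fb, b in zip(f, itertools.product((0, 1), repeat=len(x))):
        chi = 1  # chi_b(x) = prod_i (x_i if b_i = 1 else 1 + x_i)
        for xi, bi in zip(x, b):
            chi = gf_mul(chi, xi if bi else 1 ^ xi)
        total ^= gf_mul(fb, chi)
    return total

def combine(f0, f1, r):
    """Pointwise linear combination f0 + r * f1."""
    return [a ^ gf_mul(r, b) for a, b in zip(f0, f1)]

# Constructed sample data (hypothetical, not from the paper).
J = (0x53, 0xCA, 0x07)             # evaluation point in F^3
G0 = [1, 0, 1, 1, 0, 0, 1, 0]      # satisfies its instance by definition of V0
G1 = [0, 1, 1, 0, 1, 0, 0, 1]
E = [0, 0, 0, 1, 0, 0, 0, 0]       # the same 0/1 difference for both inputs
F0 = [a ^ b for a, b in zip(G0, E)]
F1 = [a ^ b for a, b in zip(G1, E)]
V0, V1 = mle(G0, J), mle(G1, J)    # toy instances: mle(f, J) == V

def cancelling_coefficients():
    """Coefficients r for which f0 + r*f1 satisfies the combined instance
    V0 + r*V1 even though neither f0 nor f1 satisfies its own."""
    return [r for r in range(256)
            if mle(combine(F0, F1, r), J) == V0 ^ gf_mul(r, V1)]

if __name__ == "__main__":
    print(mle(F0, J) != V0, mle(F1, J) != V1)  # both inputs violate their instance
    print(cancelling_coefficients())            # only the fixed sum r = 1 cancels
```

In this toy setting a uniformly random coefficient hits the single cancelling value with probability 1/256, which is the "w.h.p." of note 4 in miniature.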

References

  1. Arora, S., Lund, C., Motwani, R., Sudan, M., Szegedy, M.: Proof verification and the hardness of approximation problems. J. ACM 45(3), 501–555 (1998)

  2. Arora, S., Safra, S.: Probabilistic checking of proofs; A new characterization of NP. In: 33rd Annual Symposium on Foundations of Computer Science, Pittsburgh, Pennsylvania, USA, 24–27 October 1992, pp. 2–13 (1992)

  3. Babai, L., Fortnow, L., Lund, C.: Non-deterministic exponential time has two-prover interactive protocols. Comput. Complex. 1, 3–40 (1991)

  4. Babai, L., Fortnow, L., Levin, L.A., Szegedy, M.: Checking computations in polylogarithmic time. In: Proceedings of the 23rd Annual ACM Symposium on Theory of Computing, New Orleans, Louisiana, USA, 5–8 May 1991, pp. 21–31 (1991)

  5. Ben-Or, M., et al.: Everything provable is provable in zero-knowledge. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 37–56. Springer, New York (1990). https://doi.org/10.1007/0-387-34799-2_4

  6. Ben-Or, M., Goldwasser, S., Kilian, J., Wigderson, A.: Multi-prover interactive proofs: how to remove intractability assumptions. In: Proceedings of the 20th Annual ACM Symposium on Theory of Computing, Chicago, Illinois, USA, 2–4 May 1988, pp. 113–131 (1988)

  7. Brakerski, Z., Holmgren, J., Kalai, Y.T.: Non-interactive delegation and batch NP verification from standard computational assumptions. In: Proceedings of the 49th Annual ACM SIGACT Symposium on Theory of Computing, STOC 2017, Montreal, QC, Canada, 19–23 June 2017, pp. 474–482 (2017)

  8. Ben-Sasson, E., Kopparty, S., Saraf, S.: Worst-case to average case reductions for the distance to a code. In: 33rd Computational Complexity Conference, CCC 2018, San Diego, CA, USA, 22–24 June 2018, pp. 24:1–24:23 (2018)

  9. Berman, I., Rothblum, R.D., Vaikuntanathan, V.: Zero-knowledge proofs of proximity. In: 9th Innovations in Theoretical Computer Science Conference, ITCS 2018, Cambridge, MA, USA, 11–14 January 2018, pp. 19:1–19:20 (2018)

  10. Chiesa, A., Gur, T.: Proofs of proximity for distribution testing. In: 9th Innovations in Theoretical Computer Science Conference, ITCS 2018, Cambridge, MA, USA, 11–14 January 2018, pp. 53:1–53:14 (2018)

  11. Ergün, F., Kumar, R., Rubinfeld, R.: Fast approximate probabilistically checkable proofs. Inf. Comput. 189(2), 135–159 (2004)

  12. Feige, U., Goldwasser, S., Lovász, L., Safra, S., Szegedy, M.: Interactive proofs and the hardness of approximating cliques. J. ACM 43(2), 268–292 (1996)

  13. Fischer, E., Goldhirsh, Y., Lachish, O.: Partial tests, universal tests and decomposability. In: ITCS, pp. 483–500 (2014)

  14. Fortnow, L., Rompel, J., Sipser, M.: On the power of multi-prover interactive protocols. Theor. Comput. Sci. 134(2), 545–557 (1994)

  15. Goldreich, O., Goldwasser, S., Ron, D.: Property testing and its connection to learning and approximation. J. ACM (JACM) 45(4), 653–750 (1998)

  16. Goldreich, O., Gur, T., Rothblum, R.D.: Proofs of proximity for context-free languages and read-once branching programs. In: Halldórsson, M.M., Iwama, K., Kobayashi, N., Speckmann, B. (eds.) ICALP 2015. LNCS, vol. 9134, pp. 666–677. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-47672-7_54

  17. Goldreich, O., Håstad, J.: On the complexity of interactive proofs with bounded communication. Inf. Process. Lett. 67(4), 205–214 (1998)

  18. Gur, T., Liu, Y.P., Rothblum, R.D.: An exponential separation between MA and AM proofs of proximity. In: Chatzigiannakis, I., Kaklamanis, C., Marx, D., Sannella, D. (eds.) 45th International Colloquium on Automata, Languages, and Programming, ICALP 2018, Prague, Czech Republic, 9–13 July 2018. LIPIcs, vol. 107, pp. 73:1–73:15. Schloss Dagstuhl - Leibniz-Zentrum für Informatik (2018)

  19. Goldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof systems. SIAM J. Comput. 18(1), 186–208 (1989)

  20. Goldreich, O., Micali, S., Wigderson, A.: Proofs that yield nothing but their validity for all languages in NP have zero-knowledge proof systems. J. ACM 38(3), 691–729 (1991)

  21. Goldreich, O.: Computational Complexity - A Conceptual Perspective. Cambridge University Press, Cambridge (2008)

  22. Gur, T., Rothblum, R.D.: Non-interactive proofs of proximity. In: Electronic Colloquium on Computational Complexity (ECCC), vol. 20, p. 78 (2013)

  23. Gur, T., Rothblum, R.D.: A hierarchy theorem for interactive proofs of proximity. In: 8th Innovations in Theoretical Computer Science Conference, ITCS 2017, Berkeley, CA, USA, 9–11 January 2017, pp. 39:1–39:43 (2017)

  24. Goldwasser, S., Rothblum, G.N., Shafer, J., Yehudayoff, A.: Interactive proofs for verifying machine learning. In: Electronic Colloquium on Computational Complexity (ECCC), vol. 27, p. 58 (2020)

  25. Goldreich, O., Vadhan, S.P., Wigderson, A.: On interactive proofs with a laconic prover. Comput. Complex. 11(1–2), 1–53 (2002)

  26. Ishai, Y.: Zero-knowledge proofs from information-theoretic proof systems. https://zkproof.org/2020/08/12/information-theoretic-proof-systems/

  27. Kilian, J.: A note on efficient zero-knowledge proofs and arguments (extended abstract). In: STOC, pp. 723–732 (1992)

  28. Kalai, Y.T., Rothblum, R.D.: Arguments of proximity. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015, Part II. LNCS, vol. 9216, pp. 422–442. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48000-7_21

  29. Lund, C., Fortnow, L., Karloff, H.J., Nisan, N.: Algebraic methods for interactive proof systems. J. ACM 39(4), 859–868 (1992)

  30. Ron-Zewi, N., Rothblum, R.: Local proofs approaching the witness length. In: Electronic Colloquium on Computational Complexity (ECCC), vol. 26, p. 127 (2019)

  31. Reingold, O., Rothblum, G.N., Rothblum, R.D.: Constant-round interactive proofs for delegating computation. In: Proceedings of the 48th Annual ACM SIGACT Symposium on Theory of Computing, STOC 2016, Cambridge, MA, USA, 18–21 June 2016, pp. 49–62 (2016)

  32. Reingold, O., Rothblum, G.N., Rothblum, R.D.: Efficient batch verification for UP. In: 33rd Computational Complexity Conference, CCC 2018, San Diego, CA, USA, 22–24 June 2018, pp. 22:1–22:23 (2018)

  33. Rubinfeld, R., Sudan, M.: Robust characterizations of polynomials with applications to program testing. SIAM J. Comput. 25(2), 252–271 (1996)

  34. Rothblum, G.N., Vadhan, S., Wigderson, A.: Interactive proofs of proximity: delegating computation in sublinear time. In: STOC, pp. 793–802 (2013)

  35. Shamir, A.: IP = PSPACE. J. ACM 39(4), 869–877 (1992)

  36. Sudan, M. (ed.): Efficient Checking of Polynomials and Proofs and the Hardness of Approximation Problems. LNCS, vol. 1001. Springer, Heidelberg (1995). https://doi.org/10.1007/3-540-60615-7

Acknowledgments

We thank Oded Goldreich and Omer Reingold for helpful and illuminating discussions on these topics. We thank the TCC reviewers for their careful reading of the manuscript and useful comments.

Guy Rothblum has received funding from the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation programme (grant agreement No. 819702). Research also supported by the Israel Science Foundation (grant number 5219/17) and an Amazon Research Award.

Ron Rothblum was supported in part by a Milgrom family grant, by the Israeli Science Foundation (Grants No. 1262/18 and 2137/19), and the Technion Hiroshi Fujiwara cyber security research center and Israel cyber directorate.

Author information

Correspondence to Guy N. Rothblum or Ron D. Rothblum.

Copyright information

© 2020 International Association for Cryptologic Research

Cite this paper

Rothblum, G.N., Rothblum, R.D. (2020). Batch Verification and Proofs of Proximity with Polylog Overhead. In: Pass, R., Pietrzak, K. (eds) Theory of Cryptography. TCC 2020. Lecture Notes in Computer Science, vol 12551. Springer, Cham. https://doi.org/10.1007/978-3-030-64378-2_5

  • DOI: https://doi.org/10.1007/978-3-030-64378-2_5

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-64377-5

  • Online ISBN: 978-3-030-64378-2

  • eBook Packages: Computer Science, Computer Science (R0)