Advertisement

Incrementally Verifiable Computation or Proofs of Knowledge Imply Time/Space Efficiency

  • Paul Valiant
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4948)

Abstract

A probabilistically checkable proof (PCP) system enables proofs to be verified in time polylogarithmic in the length of a classical proof. Computationally sound (CS) proofs improve upon PCPs by additionally shortening the length of the transmitted proof to be polylogarithmic in the length of the classical proof.

In this paper we explore the ultimate limits of non-interactive proof systems with respect to time and space efficiency. We present a proof system where the prover uses space polynomial in the space of a classical prover and time essentially linear in the time of a classical prover, while the verifier uses time and space that are essentially constant. Further, this proof system is composable: there is an algorithm for merging two proofs of length k into a proof of the conjunction of the original two theorems in time polynomial in k, yielding a proof of length exactly k.

We deduce the existence of our proposed proof system by way of a natural new assumption about proofs of knowledge. In fact, a main contribution of our result is showing that knowledge can be “traded” for time and space efficiency in noninteractive proof systems. We motivate this result with an explicit construction of noninteractive CS proofs of knowledge in the random oracle model.

Keywords

Turing Machine Proof System Random Oracle Random String Random Oracle Model 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    Arora, S., Lund, C., Motwani, R., Sudan, M., Szegedy, M.: Proof verification and the hardness of approximation problems. Journal of the ACM 45(3), 501–555 (1998)zbMATHCrossRefMathSciNetGoogle Scholar
  2. 2.
    Arora, S., Safra, S.: Probabilistic checking of proofs: A new characterization of NP. Journal of the ACM 45(1), 70–122 (1998)zbMATHCrossRefMathSciNetGoogle Scholar
  3. 3.
    Babai, L., Fortnow, L., Lund, C.: Non-deterministic exponential time has two-prover interactive protocols. Computational Complexity 1, 3–40 (1991)zbMATHCrossRefMathSciNetGoogle Scholar
  4. 4.
    Barak, B., Goldreich, O.: Universal Arguments. In: Proc. Complexity (CCC) (2002)Google Scholar
  5. 5.
    Ben-Sasson, E., Goldreich, O., Harsha, P., Sudan, M., Vadhan, S.: Robust PCPs of proximity, shorter PCPs and applications to coding. In: STOC 2004, pp. 1–10 (2004)Google Scholar
  6. 6.
    Blum, M., De Santis, A., Micali, S., Persiano, G.: Noninteractive Zero-Knowledge. SIAM J. Comput. 20(6), 1084–1118 (1991)zbMATHCrossRefMathSciNetGoogle Scholar
  7. 7.
    Blum, M., Feldman, P., Micali, S.: Non-Interactive Zero-Knowledge and Its Applications (Extended Abstract). In: STOC 1988, pp. 103–112 (1988)Google Scholar
  8. 8.
    Canetti, R., Goldreich, O., Halevi, S.: The Random Oracle Methodology, Revisited. In: STOC 1998, pp. 209–218 (1998)Google Scholar
  9. 9.
    Fischlin, M.: Communication-efficient non-interactive proofs of knowledge with online extractors. Advances in Cryptology (2005)Google Scholar
  10. 10.
    Goldreich, O., Sudan, M.: Locally testable codes and PCPs of almost-linear length. In: FOCS 2002 (2002)Google Scholar
  11. 11.
    Goldwasser, S., Micali, S., Rackoff, C.: The Knowledge Complexity of Interactive Proof Systems. SIAM J. on Computing 18(1), 186–208 (1989)zbMATHCrossRefMathSciNetGoogle Scholar
  12. 12.
    Kilian, J.: A note on efficient zero-knowledge proofs and arguments. In: STOC, pp. 723–732 (1992)Google Scholar
  13. 13.
    Micali, S.: Computationally Sound Proofs. SIAM J. Computing 30(4), 1253–1298 (2000)zbMATHCrossRefMathSciNetGoogle Scholar
  14. 14.
    Pass, R.: On deniability in the common reference string and random oracle model. In: Advances in Cryptology, pp. 316–337 (2003)Google Scholar
  15. 15.
    Shamir, A.: IP = PSPACE. Journal of the ACM 39(4), 869–877 (1992)zbMATHCrossRefMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Paul Valiant
    • 1
  1. 1.Massachusetts Institute of Technology 

Personalised recommendations