research-article

On the concrete efficiency of probabilistically-checkable proofs

Authors:
Eli Ben-Sasson

Technion, Haifa, Israel

Technion, Haifa, Israel
View Profile

,
Alessandro Chiesa

MIT, Cambridge, USA

MIT, Cambridge, USA
View Profile

,
Daniel Genkin

Technion, Haifa, Israel

Technion, Haifa, Israel
View Profile

,
Eran Tromer

Tel Aviv University, Tel Aviv, Israel

Tel Aviv University, Tel Aviv, Israel
View Profile

STOC '13: Proceedings of the forty-fifth annual ACM symposium on Theory of ComputingJune 2013Pages 585–594https://doi.org/10.1145/2488608.2488681

Published:01 June 2013Publication History

STOC '13: Proceedings of the forty-fifth annual ACM symposium on Theory of Computing

Pages 585–594

ABSTRACT

Probabilistically-Checkable Proofs (PCPs) form the algorithmic core that enables fast verification of long computations in many cryptographic constructions. Yet, despite the wonderful asymptotic savings they bring, PCPs are also the infamous computational bottleneck preventing these powerful cryptographic constructions from being used in practice. To address this problem, we present several results about the computational efficiency of PCPs. We construct the first PCP where the prover and verifier time complexities are quasi-optimal (i.e., optimal up to poly-logarithmic factors). The prover and verifier are also higly-parallelizable, and these computational guarantees hold even when proving and verifying the correctness of random-access machine computations. Our construction is explicit and has the requisite properties for being used in the cryptographic applications mentioned above.

Next, to better understand the efficiency of our PCP, we propose a new efficiency measure for PCPs (and their major components, locally-testable codes and PCPs of proximity). We define a concrete-efficiency threshold that indicates the smallest problem size beyond which the PCP becomes "useful", in the sense that using it is cheaper than performing naive verification (i.e., rerunning the computation); our definition accounts for both the prover and verifier complexity.

We then show that our PCP has a finite concrete-efficiency threshold. That such a PCP exists does not follow from existing works on PCPs with polylogarithmic-time verifiers.

As in [Ben-Sasson and Sudan, STOC '05], PCPs of proximity for Reed-Solomon (RS) codes are the main component of our PCP. We construct a PCP of proximity that reduces the concrete-efficiency threshold for testing proximity to RS codes from 2⁶⁸³ in their work to 2⁴³, which is tantalizingly close to practicality.

References

B. Applebaum, Y. Ishai, and E. Kushilevitz. From secrecy to soundness: Efficient verification via secure computation. ICALP '10. Google ScholarDigital Library
S. Arora, C. Lund, R. Motwani, M. Sudan, and M. Szegedy. Proof verification and the hardness of approximation problems. JACM, 1998. Google ScholarDigital Library
S. Arora and S. Safra. Probabilistic checking of proofs: a new characterization of NP. JACM, 1998. Google ScholarDigital Library
L. Babai, L. Fortnow, L. A. Levin, and M. Szegedy. Checking computations in polylogarithmic time. STOC '91. Google ScholarDigital Library
B. Barak and O. Goldreich. Universal arguments and their applications. SIAM JC, 2008. Google ScholarDigital Library
E. Ben-Sasson, A. Chiesa, D. Genkin, and E. Tromer. Fast reductions from RAMs to delegatable succinct constraint satisfaction problems. ITCS '13. Google ScholarDigital Library
E. Ben-Sasson, O. Goldreich, P. Harsha, M. Sudan, and S. Vadhan. Robust PCPs of proximity, shorter PCPs and applications to coding. STOC '04. Google ScholarDigital Library
E. Ben-Sasson, O. Goldreich, P. Harsha, M. Sudan, and S. Vadhan. Short PCPs verifiable in polylogarithmic time. CCC '05. Google ScholarDigital Library
E. Ben-Sasson, P. Harsha, and S. Raskhodnikova. Some 3CNF properties are hard to test. SIAM JC, 2005. Google ScholarDigital Library
E. Ben-Sasson and M. Sudan. Short PCPs with polylog query complexity. SIAM JC, 2008. Google ScholarDigital Library
E. Ben-Sasson, M. Sudan, S. Vadhan, and A. Wigderson. Randomness-efficient low degree tests and short pcps via epsilon-biased sets. STOC '03. Google ScholarDigital Library
E. R. Berlekamp. Algebraic Coding Theory. 1968.Google Scholar
N. Bitansky, R. Canetti, A. Chiesa, and E. Tromer. From extractable collision resistance to succinct non-interactive arguments of knowledge, and back again. ITCS '12, 2012. Google ScholarDigital Library
N. Bitansky, R. Canetti, A. Chiesa, and E. Tromer. Recursive composition and bootstrapping for SNARKs and proof-carrying data. STOC '13, 2013. Google ScholarDigital Library
N. Bitansky and A. Chiesa. Succinct arguments from multi-prover interactive proofs and their efficiency benefits. CRYPTO '12.Google Scholar
D. Boneh, G. Segev, and B. Waters. Targeted malleability. ITCS '12.Google Scholar
A. Chiesa and E. Tromer. Proof-carrying data and hearsay arguments from signature cards. ICS '10.Google Scholar
A. Chiesa and E. Tromer. Proof-carrying data: Secure computation on untrusted platforms. The Next Wave: The NSA's review of emerging technologies, 2012.Google Scholar
K.-M. Chung, Y. Kalai, and S. Vadhan. Improved delegation of computation using fully homomorphic encryption. CRYPTO '10. Google ScholarDigital Library
I. Damgård, S. Faust, and C. Hazay. Secure two-party computation with low communication. TCC '12.Google Scholar
G. Di Crescenzo and H. Lipmaa. Succinct NP proofs from an extractability assumption. CiE '08. Google ScholarDigital Library
I. Dinur. The PCP theorem by gap amplification. JACM, 2007. Google ScholarDigital Library
U. Feige, S. Goldwasser, L. Lovász, S. Safra, and M. Szegedy. Interactive proofs and the hardness of approximating cliques. JACM, 1996. Google ScholarDigital Library
R. Gennaro, C. Gentry, and B. Parno. Non-interactive verifiable computing: outsourcing computation to untrusted workers. CRYPTO '10. Google ScholarDigital Library
O. Goldreich and M. Sudan. Locally testable codes and pcps of almost-linear length. JACM, 2006. Google ScholarDigital Library
S. Goldwasser, Y. T. Kalai, and G. N. Rothblum. Delegating computation: interactive proofs for muggles. In STOC '08. Google ScholarDigital Library
S. Goldwasser, H. Lin, and A. Rubinstein. Delegation of computation without rejection problem from designated verifier CS-proofs. ePrint, 2011.Google Scholar
P. Harsha and M. Sudan. Small PCPs with low query complexity. Comp. Compl., 2000.Google ScholarCross Ref
W. C. Huffman and R. A. Brualdi. Handbook of Coding Theory. Elsevier Science Inc., New York, NY, USA, 1998. Google ScholarDigital Library
Y. Ishai, E. Kushilevitz, and R. Ostrovsky. Efficient arguments without short PCPs. CCC '07. Google ScholarDigital Library
J. Kilian. A note on efficient zero-knowledge proofs and arguments. STOC '92. Google ScholarDigital Library
R. Lidl and H. Niederreiter. Finite Fields. Cambridge University Press, 2nd edition, 1997. Google ScholarDigital Library
R. J. Lipton. Galactic algorithms. http://rjlipton.wordpress.com/2010/10/23/galactic-algorithms/, 2010.Google Scholar
T. Mateer. Fast Fourier Transform algorithms with applications. PhD thesis, Clemson University, 2008. Google ScholarDigital Library
O. Meir. Combinatorial PCPs with efficient verifiers. FOCS '09. Google ScholarDigital Library
O. Meir. Combinatorial pcps with short proofs. CCC '12. Google ScholarDigital Library
S. Micali. Computationally sound proofs. SIAM JC, 2000. Google ScholarDigital Library
T. Mie. Polylogarithmic two-round argument systems. J. Math. Crypt., 2008.Google ScholarCross Ref
T. Mie. Short PCPPs verifiable in polylogarithmic time with o(1) queries. A. Math. and AI, 2009. Google ScholarDigital Library
D. Moshkovitz and R. Raz. Two-query PCP with subconstant error. JACM, 2008. Google ScholarDigital Library
A. Polishchuk and D. A. Spielman. Nearly-linear size holographic proofs. STOC '94. Google ScholarDigital Library
R. Raz and S. Safra. A sub-constant error-probability low-degree test, and a sub-constant error-probability PCP characterization of NP. STOC '97. Google ScholarDigital Library
S. Setty, V. Vu, N. Panpalia, B. Braun, A. J. Blumberg, and M. Walfish. Taking proof-based verified computation a few steps closer to practicality. Security '12. Google ScholarDigital Library
D. Spielman. Computationally Efficient Error-Correcting Codes and Holographic Proofs. PhD thesis, MIT, Mathamatics Department, May 1995. Google ScholarDigital Library
P. Valiant. Incrementally verifiable computation or proofs of knowledge imply time/space efficiency. TCC '08. Google ScholarDigital Library

Index Terms

On the concrete efficiency of probabilistically-checkable proofs
1. Theory of computation

Recommendations

Efficient probabilistically checkable debates
APPROX'11/RANDOM'11: Proceedings of the 14th international workshop and 15th international conference on Approximation, randomization, and combinatorial optimization: algorithms and techniques

Probabilistically checkable debate systems (PCDSs) are debates between two competing provers, in which a polynomial-time verifier inspects a constant number of bits of the debate. It was shown by Condon, Feigenbaum, Lund, and Shor that every language in ...
Read More
Fast approximate probabilistically checkable proofs

We investigate the question of when a verifier, with the aid of a proof, can reliably compute a function faster than it can without the proof. The proof system model that we use is based on a variant of the Probabilistically Checkable Proofs (PCP) model,...
Read More
Probabilistically Checkable Proofs Over the Reals

Probabilistically checkable proofs (PCPs) have turned out to be of great importance in complexity theory. On the one hand side they provide a new characterization of the complexity class NP, on the other hand they show a deep connection to approximation ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
STOC '13: Proceedings of the forty-fifth annual ACM symposium on Theory of Computing
June 2013
998 pages
ISBN:9781450320290
DOI:10.1145/2488608
General Chairs:
Dan Boneh
Stanford University, USA
,
Tim Roughgarden
Stanford University, USA
,
Program Chair:
Joan Feigenbaum
Yale University, USA
Copyright © 2013 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 1 June 2013
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
PCPs
low-degree tests
reed-solomon code
Qualifiers
- research-article
Conference

Acceptance Rates
STOC '13 Paper Acceptance Rate100of360submissions,28%Overall Acceptance Rate1,469of4,586submissions,32%
More
Upcoming Conference
STOC '24

Sponsor:

sigact

56th Annual ACM Symposium on Theory of Computing (STOC 2024)

June 24 - 28, 2024

Vancouver , BC , Canada
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 46
  Total Citations
  View Citations
- 345
  Total Downloads
- Downloads (Last 12 months)19
- Downloads (Last 6 weeks)6
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

On the concrete efficiency of probabilistically-checkable proofs

STOC '13: Proceedings of the forty-fifth annual ACM symposium on Theory of Computing

ABSTRACT

References

Cited By

Index Terms

Recommendations

Efficient probabilistically checkable debates

Fast approximate probabilistically checkable proofs

Probabilistically Checkable Proofs Over the Reals