DOI: 10.1145/3313276.3316411

How to delegate computations publicly

Yael Tauman Kalai, Omer Paneth, and Lisa Yang

Published: 23 June 2019

Abstract

We construct a delegation scheme for all polynomial time computations. Our scheme is publicly verifiable and completely non-interactive in the common reference string (CRS) model.
Our scheme is based on an efficiently falsifiable decisional assumption on groups with bilinear maps. Prior to this work, publicly verifiable non-interactive delegation schemes were only known under knowledge assumptions (or in the Random Oracle model) or under non-standard assumptions related to obfuscation or multilinear maps.
We obtain our result in two steps. First, we construct a scheme with a long CRS (polynomial in the running time of the computation) by following the blueprint of Paneth and Rothblum (TCC 2017). Then we bootstrap this scheme to obtain a short CRS. Our bootstrapping theorem exploits the fact that our scheme can securely delegate certain non-deterministic computations.

STOC '19, June 23–26, 2019, Phoenix, AZ, USA. Yael Tauman Kalai, Omer Paneth, and Lisa Yang

References

[1] Prabhanjan Ananth, Yu-Chi Chen, Kai-Min Chung, Huijia Lin, and Wei-Kai Lin. 2016. Delegating RAM Computations with Adaptive Soundness and Privacy. In Theory of Cryptography - 14th International Conference, TCC 2016-B, Beijing, China, October 31 - November 3, 2016, Proceedings, Part II. 3–30.
[2] Sanjeev Arora, Carsten Lund, Rajeev Motwani, Madhu Sudan, and Mario Szegedy. 1998. Proof Verification and the Hardness of Approximation Problems. J. ACM 45, 3 (1998), 501–555.
[3] Sanjeev Arora and Shmuel Safra. 1992. Probabilistic Checking of Proofs; A New Characterization of NP. In 33rd Annual Symposium on Foundations of Computer Science, Pittsburgh, Pennsylvania, USA, 24-27 October 1992. 2–13.
[4] László Babai, Lance Fortnow, Leonid A. Levin, and Mario Szegedy. 1991. Checking Computations in Polylogarithmic Time. In Proceedings of the 23rd Annual ACM Symposium on Theory of Computing, May 5-8, 1991, New Orleans, Louisiana, USA. 21–31.
[5] Saikrishna Badrinarayanan, Yael Tauman Kalai, Dakshita Khurana, Amit Sahai, and Daniel Wichs. 2018. Succinct delegation for low-space non-deterministic computation. In Proceedings of the 50th Annual ACM SIGACT Symposium on Theory of Computing, STOC 2018, Los Angeles, CA, USA, June 25-29, 2018. 709–721.
[6] Mihir Bellare and Phillip Rogaway. 1993. Random Oracles are Practical: A Paradigm for Designing Efficient Protocols. In ACM Conference on Computer and Communications Security, Dorothy E. Denning, Raymond Pyle, Ravi Ganesan, Ravi S. Sandhu, and Victoria Ashby (Eds.). ACM, 62–73.
[7] Michael Ben-Or, Shafi Goldwasser, Joe Kilian, and Avi Wigderson. 1988. Multi-Prover Interactive Proofs: How to Remove Intractability Assumptions. In Proceedings of the 20th Annual ACM Symposium on Theory of Computing. 113–131.
[8] Ingrid Biehl, Bernd Meyer, and Susanne Wetzel. 1999. Ensuring the Integrity of Agent-Based Computations by Short Proofs. In Proceedings of the Second International Workshop on Mobile Agents (MA '98). Springer-Verlag, London, UK, 183–194. http://dl.acm.org/citation.cfm?id=647628.732433
[9] Nir Bitansky, Ran Canetti, Alessandro Chiesa, Shafi Goldwasser, Huijia Lin, Aviad Rubinstein, and Eran Tromer. 2014. The Hunting of the SNARK. IACR Cryptology ePrint Archive 2014 (2014), 580. http://eprint.iacr.org/2014/580
[10] Nir Bitansky, Ran Canetti, Alessandro Chiesa, and Eran Tromer. 2013. Recursive composition and bootstrapping for SNARKS and proof-carrying data. See [14], 111–120.
[11] Nir Bitansky, Alessandro Chiesa, Yuval Ishai, Rafail Ostrovsky, and Omer Paneth. 2013. Succinct Non-interactive Arguments via Linear Interactive Proofs. In TCC. 315–333. https://doi.org/10.1007/978-3-642-36594-2_18
[12] Nir Bitansky, Sanjam Garg, Huijia Lin, Rafael Pass, and Sidharth Telang. 2015. Succinct Randomized Encodings and their Applications. IACR Cryptology ePrint Archive 2015 (2015), 356.
[13] Manuel Blum, William S. Evans, Peter Gemmell, Sampath Kannan, and Moni Naor. 1994. Checking the Correctness of Memories. Algorithmica 12, 2/3 (1994), 225–244.
[14] Dan Boneh, Tim Roughgarden, and Joan Feigenbaum (Eds.). 2013. Symposium on Theory of Computing Conference, STOC'13, Palo Alto, CA, USA, June 1-4, 2013. ACM.
[15] Zvika Brakerski, Justin Holmgren, and Yael Tauman Kalai. 2017. Non-interactive delegation and batch NP verification from standard computational assumptions. In Proceedings of the 49th Annual ACM SIGACT Symposium on Theory of Computing, STOC 2017, Montreal, QC, Canada, June 19-23, 2017. 474–482.
[16] Zvika Brakerski and Yael Tauman Kalai. 2018. Monotone Batch NP-Delegation with Applications to Access Control. IACR Cryptology ePrint Archive 2018 (2018), 375. https://eprint.iacr.org/2018/375
[17] Ran Canetti and Justin Holmgren. 2016. Fully Succinct Garbled RAM. In ITCS. ACM, 169–178.
[18] Ran Canetti, Justin Holmgren, Abhishek Jain, and Vinod Vaikuntanathan. 2015. Succinct Garbling and Indistinguishability Obfuscation for RAM Programs. In STOC. ACM, 429–437.
[19] Yu-Chi Chen, Sherman S. M. Chow, Kai-Min Chung, Russell W. F. Lai, Wei-Kai Lin, and Hong-Sheng Zhou. 2016. Cryptography for Parallel RAM from Indistinguishability Obfuscation. In ITCS. ACM, 179–190.
[20] Stephen A. Cook. 1971. The Complexity of Theorem-Proving Procedures. In Proceedings of the 3rd Annual ACM Symposium on Theory of Computing, May 3-5, 1971, Shaker Heights, Ohio, USA. 151–158.
[21] Ivan Damgård. 1992. Towards Practical Public Key Systems Secure Against Chosen Ciphertext Attacks. In Proceedings of CRYPTO '91. 445–456.
[22] Ivan Damgård, Sebastian Faust, and Carmit Hazay. 2012. Secure Two-Party Computation with Low Communication. In Theory of Cryptography - 9th Theory of Cryptography Conference, TCC 2012, Taormina, Sicily, Italy, March 19-21, 2012. Proceedings. 54–74. https://doi.org/10.1007/978-3-642-28914-9_4
[23] Cynthia Dwork, Uriel Feige, Joe Kilian, Moni Naor, and Shmuel Safra. 1992. Low Communication 2-Prover Zero-Knowledge Proofs for NP. In Advances in Cryptology - CRYPTO '92, 12th Annual International Cryptology Conference, Santa Barbara, California, USA, August 16-20, 1992, Proceedings. 215–227. https://doi.org/10.1007/3-540-48071-4_15
[24] Cynthia Dwork, Michael Langberg, Moni Naor, Kobbi Nissim, and Omer Reingold. 2004. Succinct Proofs for NP and Spooky Interactions. Unpublished manuscript, available at http://www.cs.bgu.ac.il/~kobbi/papers/spooky_sub_crypto.pdf
[25] Uriel Feige, Shafi Goldwasser, László Lovász, Shmuel Safra, and Mario Szegedy. 1991. Approximating Clique is Almost NP-Complete (Preliminary Version). In FOCS. IEEE Computer Society, 2–12.
[26] Rosario Gennaro, Craig Gentry, Bryan Parno, and Mariana Raykova. 2013. Quadratic Span Programs and Succinct NIZKs without PCPs. In Advances in Cryptology - EUROCRYPT 2013, 32nd Annual International Conference on the Theory and Applications of Cryptographic Techniques, Athens, Greece, May 26-30, 2013. Proceedings. 626–645. https://doi.org/10.1007/978-3-642-38348-9_37
[27] Craig Gentry and Daniel Wichs. 2011. Separating Succinct Non-interactive Arguments from All Falsifiable Assumptions. In Proceedings of the Forty-third Annual ACM Symposium on Theory of Computing (STOC '11). ACM, New York, NY, USA, 99–108.
[28] Oded Goldreich and Johan Håstad. 1998. On the Complexity of Interactive Proofs with Bounded Communication. Inf. Process. Lett. 67, 4 (1998), 205–214. https://doi.org/10.1016/S0020-0190(98)00116-1
[29] Shafi Goldwasser, Yael Tauman Kalai, and Guy N. Rothblum. 2008. Delegating computation: interactive proofs for muggles. In STOC, Cynthia Dwork (Ed.). ACM, 113–122.
[30] Shafi Goldwasser, Yael Tauman Kalai, and Guy N. Rothblum. 2015. Delegating Computation: Interactive Proofs for Muggles. J. ACM 62, 4 (2015), 27.
[31] Shafi Goldwasser, Silvio Micali, and Ronald L. Rivest. 1988. A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks. SIAM J. Comput. 17, 2 (1988), 281–308.
[32] Jens Groth. 2010. Short Pairing-Based Non-interactive Zero-Knowledge Arguments. In ASIACRYPT (Lecture Notes in Computer Science), Vol. 6477. Springer, 321–340.
[33] Yael Tauman Kalai and Omer Paneth. 2015. Delegating RAM Computations. IACR Cryptology ePrint Archive 2015 (2015), 957.
[34] Yael Tauman Kalai and Omer Paneth. 2016. Delegating RAM Computations. In Theory of Cryptography - 14th International Conference, TCC 2016-B, Beijing, China, October 31 - November 3, 2016, Proceedings, Part II. 91–118. https://doi.org/10.1007/978-3-662-53644-5_4
[35] Yael Tauman Kalai, Ran Raz, and Ron D. Rothblum. 2013. Delegation for bounded space. See [14], 565–574.
[36] Yael Tauman Kalai, Ran Raz, and Ron D. Rothblum. 2014. How to delegate computations: the power of no-signaling proofs. In STOC. ACM, 485–494.
[37] Richard M. Karp. 1972. Reducibility Among Combinatorial Problems. In Proceedings of a symposium on the Complexity of Computer Computations, held March 20-22, 1972, at the IBM Thomas J. Watson Research Center, Yorktown Heights, New York, USA. 85–103. http://www.cs.berkeley.edu/%7Eluca/cs172/karp.pdf
[38] Joe Kilian. 1992. A Note on Efficient Zero-Knowledge Proofs and Arguments (Extended Abstract). In Proceedings of the 24th Annual ACM Symposium on Theory of Computing. ACM, 723–732.
[39] Venkata Koppula, Allison Bishop Lewko, and Brent Waters. 2015. Indistinguishability Obfuscation for Turing Machines with Unbounded Memory. In STOC. ACM, 419–428.
[40] Helger Lipmaa. 2012. Progression-Free Sets and Sublinear Pairing-Based Non-Interactive Zero-Knowledge Arguments. In TCC. 169–189.
[41] Silvio Micali. 1994. CS Proofs (Extended Abstracts). In 35th Annual Symposium on Foundations of Computer Science, Santa Fe, New Mexico, USA, 20-22 November 1994. IEEE Computer Society, 436–453. Full version in [42].
[42] Silvio Micali. 2000. Computationally Sound Proofs. SIAM J. Comput. 30, 4 (2000), 1253–1298.
[43] Moni Naor. 2003. On Cryptographic Assumptions and Challenges. In Proceedings of the 23rd Annual International Cryptology Conference. 96–109.
[44] Omer Paneth and Guy N. Rothblum. 2017. On Zero-Testable Homomorphic Encryption and Publicly Verifiable Non-interactive Arguments. In Theory of Cryptography - 15th International Conference, TCC 2017, Baltimore, MD, USA, November 12-15, 2017, Proceedings, Part II. 283–315. https://doi.org/10.1007/978-3-319-70503-3_9
[45] Bryan Parno, Mariana Raykova, and Vinod Vaikuntanathan. 2012. How to Delegate and Verify in Public: Verifiable Computation from Attribute-Based Encryption. In Theory of Cryptography - 9th Theory of Cryptography Conference, TCC 2012, Taormina, Sicily, Italy, March 19-21, 2012. Proceedings. 422–439. https://doi.org/10.1007/978-3-642-28914-9_24
[46] Omer Reingold, Guy N. Rothblum, and Ron D. Rothblum. 2016. Constant-round interactive proofs for delegating computation. In Proceedings of the 48th Annual ACM SIGACT Symposium on Theory of Computing, STOC 2016, Cambridge, MA, USA, June 18-21, 2016. 49–62.
[47] Adi Shamir. 1992. IP = PSPACE. J. ACM 39, 4 (1992), 869–877.
[48] Paul Valiant. 2008. Incrementally Verifiable Computation or Proofs of Knowledge Imply Time/Space Efficiency. In TCC. 1–18.

Contents

Abstract
1 Introduction
1.1 Our Result
2 Technical Overview
2.1 Quasi-arguments
2.2 The Bootstrapping Theorem
2.3 Constructing Quasi-arguments
References


Published In

cover image ACM Conferences
STOC 2019: Proceedings of the 51st Annual ACM SIGACT Symposium on Theory of Computing
June 2019
1258 pages
ISBN:9781450367059
DOI:10.1145/3313276
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. bootstrapping
  2. delegation
  3. public verification

Qualifiers

  • Research-article

Conference

STOC '19

Acceptance Rates

Overall Acceptance Rate 1,469 of 4,586 submissions, 32%


Article Metrics

  • Downloads (Last 12 months)33
  • Downloads (Last 6 weeks)4
Reflects downloads up to 20 Feb 2025

Cited By

  • (2025) A New Paradigm for Server-Aided MPC. IACR Communications in Cryptology 1, 4. DOI: 10.62056/ab3wa0l5vt. Online publication date: 13-Jan-2025
  • (2024) Adaptively-Sound Succinct Arguments for NP from Indistinguishability Obfuscation. Proceedings of the 56th Annual ACM Symposium on Theory of Computing, 387–398. DOI: 10.1145/3618260.3649671. Online publication date: 11-Jun-2024
  • (2024) Compact NIZKs from Standard Assumptions on Bilinear Maps. Journal of Cryptology 37, 3. DOI: 10.1007/s00145-024-09503-8. Online publication date: 13-May-2024
  • (2024) Lattice-Based Multi-entity Identification Protocols. Mobile Internet Security, 51–65. DOI: 10.1007/978-981-97-4465-7_4. Online publication date: 12-Jul-2024
  • (2024) Homomorphic Secret Sharing with Verifiable Evaluation. Theory of Cryptography, 614–650. DOI: 10.1007/978-3-031-78023-3_20. Online publication date: 2-Dec-2024
  • (2024) Monotone Policy BARGs from BARGs and Additively Homomorphic Encryption. Theory of Cryptography, 399–430. DOI: 10.1007/978-3-031-78017-2_14. Online publication date: 28-Nov-2024
  • (2024) Batching Adaptively-Sound SNARGs for NP. Theory of Cryptography, 339–370. DOI: 10.1007/978-3-031-78017-2_12. Online publication date: 28-Nov-2024
  • (2024) Adaptively Sound Zero-Knowledge SNARKs for UP. Advances in Cryptology – CRYPTO 2024, 38–71. DOI: 10.1007/978-3-031-68403-6_2. Online publication date: 18-Aug-2024
  • (2024) Reducing the CRS Size in Registered ABE Systems. Advances in Cryptology – CRYPTO 2024, 143–177. DOI: 10.1007/978-3-031-68382-4_5. Online publication date: 16-Aug-2024
  • (2024) Fully-Succinct Multi-key Homomorphic Signatures from Standard Assumptions. Advances in Cryptology – CRYPTO 2024, 317–351. DOI: 10.1007/978-3-031-68382-4_10. Online publication date: 18-Aug-2024
