ABSTRACT
What is the actual cost of derandomization? And can we get it for free? These questions were recently raised by Doron et al. (FOCS 2020) and have been attracting considerable interest. In this work we extend the study of these questions to the setting of derandomizing interactive proof systems.
First, we show conditional derandomization of MA and of AM with optimal runtime overhead, where optimality is under the #NSETH assumption. Specifically, denote by $\mathsf{AMTIME}[\rightleftharpoons c][T]$ a protocol with $c$ turns of interaction in which the verifier runs in polynomial time $T$. We prove that, for every constant $\epsilon > 0$,
$\mathsf{MATIME}[T] \subseteq \mathsf{NTIME}[T^{2+\epsilon}]$,
$\mathsf{AMTIME}[\rightleftharpoons c][T] \subseteq \mathsf{NTIME}[n \cdot T^{\lceil c/2 \rceil + \epsilon}]$;
assuming the existence of properties of Boolean functions that can be recognized quickly from the function’s truth-table such that functions with the property are hard for proof systems that receive a near-maximal amount of non-uniform advice.
To obtain faster derandomization, we introduce the notion of a deterministic effective argument system. This is an NP-type proof system in which the verifier is deterministic, and the soundness is relaxed to be computational, as follows: For every probabilistic polynomial-time adversary P, the probability that P finds an input x∉ L and misleading proof π such that V(x,π)=1 is negligible.
Under strong hardness assumptions, we prove that any constant-round doubly efficient proof system can be compiled into a deterministic effective argument system, with essentially no time overhead. As one corollary, under strong hardness assumptions, for every $\epsilon > 0$ there is a deterministic verifier $V$ that gets an $n$-bit formula $\Phi$ of size $2^{o(n)}$, runs in time $2^{\epsilon \cdot n}$, and satisfies the following: An honest prover running in time $2^{O(n)}$ can print, for every $\Phi$, a proof $\pi$ such that $V(\Phi,\pi)$ outputs the number of satisfying assignments for $\Phi$; and for every adversary $P$ running in time $2^{O(n)}$, the probability that $P$ finds $\Phi$ and $\pi$ such that $V(\Phi,\pi)$ outputs an incorrect count is $2^{-\omega(n)}$.
- László Babai and Shlomo Moran. 1988. Arthur-Merlin games: a randomized proof system, and a hierarchy of complexity classes. Journal of Computer and System Sciences, 36, 2 (1988), 254–276.
- Boaz Barak. 2001. How to Go Beyond the Black-Box Simulation Barrier. In 42nd Annual Symposium on Foundations of Computer Science, FOCS 2001, 14-17 October 2001, Las Vegas, Nevada, USA. IEEE Computer Society, 106–115.
- James Bartusek, Liron Bronfman, Justin Holmgren, Fermi Ma, and Ron D. Rothblum. 2019. On the (In)security of Kilian-Based SNARGs. In Theory of Cryptography - 17th International Conference, TCC 2019, Nuremberg, Germany, December 1-5, 2019, Proceedings, Part II, Dennis Hofheinz and Alon Rosen (Eds.) (Lecture Notes in Computer Science, Vol. 11892). Springer, 522–551.
- Mihir Bellare and Phillip Rogaway. 1993. Entity Authentication and Key Distribution. In Advances in Cryptology - CRYPTO ’93, 13th Annual International Cryptology Conference, Santa Barbara, California, USA, August 22-26, 1993, Proceedings, Douglas R. Stinson (Ed.) (Lecture Notes in Computer Science, Vol. 773). Springer, 232–249.
- Eli Ben-Sasson, Alessandro Chiesa, and Nicholas Spooner. 2016. Interactive Oracle Proofs. In Theory of Cryptography - 14th International Conference, TCC 2016-B, Beijing, China, October 31 - November 3, 2016, Proceedings, Part II, Martin Hirt and Adam D. Smith (Eds.) (Lecture Notes in Computer Science, Vol. 9986). 31–60.
- Eli Ben-Sasson, Oded Goldreich, Prahladh Harsha, Madhu Sudan, and Salil P. Vadhan. 2005. Short PCPs Verifiable in Polylogarithmic Time. In 20th Annual IEEE Conference on Computational Complexity (CCC 2005), 11-15 June 2005, San Jose, CA, USA. IEEE Computer Society, 120–134.
- Gilles Brassard, David Chaum, and Claude Crépeau. 1988. Minimum disclosure proofs of knowledge. 37, 156–189.
- Gilles Brassard and Claude Crépeau. 1986. Non-transitive transfer of confidence: A perfect zero-knowledge interactive protocol for SAT and beyond. In Proc. 27th Annual IEEE Symposium on Foundations of Computer Science (FOCS).
- Ran Canetti, Yilei Chen, Justin Holmgren, Alex Lombardi, Guy N. Rothblum, Ron D. Rothblum, and Daniel Wichs. 2019. Fiat-Shamir: from practice to theory. In Proceedings of the 51st Annual ACM SIGACT Symposium on Theory of Computing, STOC 2019, Phoenix, AZ, USA, June 23-26, 2019, Moses Charikar and Edith Cohen (Eds.). ACM, 1082–1090.
- Lijie Chen and Roei Tell. 2021. Hardness vs Randomness, Revised: Uniform, Non-Black-Box, and Instance-Wise. In Proc. 62nd Annual IEEE Symposium on Foundations of Computer Science (FOCS).
- Lijie Chen and Roei Tell. 2021. Simple and fast derandomization from very hard functions: Eliminating randomness at almost no cost. In Proc. 53rd Annual ACM Symposium on Theory of Computing (STOC).
- Lijie Chen and Roei Tell. 2022. When Arthur has Neither Random Coins nor Time to Spare: Superfast Derandomization of Proof Systems. Electronic Colloquium on Computational Complexity: ECCC, 29 (2022), 057.
- Arka Rai Choudhuri, Abhishek Jain, and Zhengzhong Jin. 2021. SNARGs for $\mathcal{P}$ from LWE. In 62nd IEEE Annual Symposium on Foundations of Computer Science, FOCS 2021, Denver, CO, USA, February 7-10, 2022. IEEE, 68–79.
- Dean Doron, Dana Moshkovitz, Justin Oh, and David Zuckerman. 2020. Nearly Optimal Pseudorandomness From Hardness. In Proc. 61st Annual IEEE Symposium on Foundations of Computer Science (FOCS).
- Joan Feigenbaum and Lance Fortnow. 1993. Random-self-reducibility of complete sets. SIAM Journal of Computing, 22, 5 (1993), 994–1005.
- Amos Fiat and Adi Shamir. 1986. How To Prove Yourself: Practical Solutions to Identification and Signature Problems. In Proc. Advances in Cryptology (CRYPTO). 186–194.
- Oded Goldreich. 2018. On doubly-efficient interactive proof systems. Foundations and Trends® in Theoretical Computer Science, 13, 3 (2018), front matter, 1–89.
- Oded Goldreich and Avi Wigderson. 2014. On derandomizing algorithms that err extremely rarely. In Proc. 46th Annual ACM Symposium on Theory of Computing (STOC). 109–118. Full version available online at Electronic Colloquium on Computational Complexity: ECCC, 20:152 (Rev. 2), 2013.
- Shafi Goldwasser and Yael Tauman Kalai. 2003. On the (In)security of the Fiat-Shamir Paradigm. In 44th Symposium on Foundations of Computer Science (FOCS 2003), 11-14 October 2003, Cambridge, MA, USA, Proceedings. IEEE Computer Society, 102–113.
- Shafi Goldwasser, Yael Tauman Kalai, and Guy N. Rothblum. 2015. Delegating computation: interactive proofs for muggles. Journal of the ACM, 62, 4 (2015), Art. 27, 64.
- Dan Gutfreund, Ronen Shaltiel, and Amnon Ta-Shma. 2003. Uniform hardness versus randomness tradeoffs for Arthur-Merlin games. Computational Complexity, 12, 3-4 (2003), 85–130.
- Justin Holmgren, Alex Lombardi, and Ron D. Rothblum. 2021. Fiat-Shamir via list-recoverable codes (or: parallel repetition of GMW is not zero-knowledge). In STOC ’21: 53rd Annual ACM SIGACT Symposium on Theory of Computing, Virtual Event, Italy, June 21-25, 2021, Samir Khuller and Virginia Vassilevska Williams (Eds.). ACM, 750–760.
- Russell Impagliazzo, Valentine Kabanets, and Avi Wigderson. 2002. In search of an easy witness: exponential time vs. probabilistic polynomial time. Journal of Computer and System Sciences, 65, 4 (2002), 672–694.
- Joe Kilian. 1992. A Note on Efficient Zero-Knowledge Proofs and Arguments. In Proc. 24th Annual ACM Symposium on Theory of Computing (STOC).
- Adam Klivans and Dieter van Melkebeek. 1998. Graph Nonisomorphism has Subexponential Size Proofs Unless the Polynomial-Time Hierarchy Collapses. Electronic Colloquium on Computational Complexity: ECCC, 5 (1998), 75.
- Silvio Micali. 2000. Computationally sound proofs. SIAM Journal of Computing, 30, 4 (2000), 1253–1298.
- Peter Bro Miltersen and N. V. Vinodchandran. 2005. Derandomizing Arthur-Merlin games using hitting sets. Computational Complexity, 14, 3 (2005), 256–279.
- Noam Nisan and Avi Wigderson. 1994. Hardness vs. randomness. Journal of Computer and System Sciences, 49, 2 (1994), 149–167.
- Chris Peikert and Sina Shiehian. 2019. Noninteractive Zero Knowledge for NP from (Plain) Learning with Errors. In Advances in Cryptology - CRYPTO 2019 - 39th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 18-22, 2019, Proceedings, Part I, Alexandra Boldyreva and Daniele Micciancio (Eds.) (Lecture Notes in Computer Science, Vol. 11692). Springer, 89–114.
- David Pointcheval and Jacques Stern. 1996. Provably Secure Blind Signature Schemes. In Advances in Cryptology - ASIACRYPT ’96, International Conference on the Theory and Applications of Cryptology and Information Security, Kyongju, Korea, November 3-7, 1996, Proceedings, Kwangjo Kim and Tsutomu Matsumoto (Eds.) (Lecture Notes in Computer Science, Vol. 1163). Springer, 252–265.
- Alexander A. Razborov and Steven Rudich. 1997. Natural proofs. Journal of Computer and System Sciences, 55, 1, part 1 (1997), 24–35.
- Omer Reingold, Guy N. Rothblum, and Ron D. Rothblum. 2018. Efficient Batch Verification for UP. In Proc. 33rd Annual IEEE Conference on Computational Complexity (CCC). 22:1–22:23.
- Omer Reingold, Guy N. Rothblum, and Ron D. Rothblum. 2021. Constant-round interactive proofs for delegating computation. SIAM Journal of Computing, 50, 3 (2021), STOC16–255–STOC16–340.
- Ronen Shaltiel and Christopher Umans. 2005. Simple extractors for all min-entropies and a new pseudorandom generator. Journal of the ACM, 52, 2 (2005), 172–216.
- Ronen Shaltiel and Christopher Umans. 2006. Pseudorandomness for Approximate Counting and Sampling. Comput. Complex., 15, 4 (2006), 298–341.
- Ronen Shaltiel and Christopher Umans. 2007. Low-end uniform hardness vs. randomness tradeoffs for AM. In Proc. 39th Annual ACM Symposium on Theory of Computing (STOC). 430–439.
- Adi Shamir. 1992. IP = PSPACE. Journal of the ACM, 39, 4 (1992), 869–877.
- Michael Sipser. 1988. Expanders, randomness, or time versus space. Journal of Computer and System Sciences, 36, 3 (1988), 379–383.
- Roei Tell. 2022. How to Find Water in the Ocean: A Survey on Quantified Derandomization. Foundations and Trends® in Theoretical Computer Science, 15, 1 (2022), 1–125.
- Ryan Williams. 2013. Improving Exhaustive Search Implies Superpolynomial Lower Bounds. SIAM Journal of Computing, 42, 3 (2013), 1218–1244.
- Richard Ryan Williams. 2016. Strong ETH breaks with Merlin and Arthur: short non-interactive proofs of batch evaluation. In Proc. 31st Annual IEEE Conference on Computational Complexity (CCC). 50, Art. No. 2, 17.
Index Terms
- When Arthur Has Neither Random Coins Nor Time to Spare: Superfast Derandomization of Proof Systems