Abstract

Starting with Kilian (STOC '92), several works have shown how to use probabilistically checkable proofs (PCPs) and cryptographic primitives such as collision-resistant hashing to construct very efficient argument systems (a.k.a. computationally sound proofs), for example with polylogarithmic communication complexity. Ishai et al. (CCC '07) raised the question of whether PCPs are inherent in efficient arguments, and to what extent. We give evidence that they are, by showing how to convert any argument system whose soundness is reducible to the security of some cryptographic primitive into a PCP system whose efficiency is related to that of the argument system and the reduction (under certain complexity assumptions).

Highlights

  • Probabilistically checkable proofs (PCPs) are one of the greatest successes of the interaction between complexity theory and the foundations of cryptography

  • We provide results suggesting that Probabilistically checkable proofs (PCPs) are necessary for constructing efficient arguments

  • We consider a construction of an argument system based on a wide range of cryptographic primitives, where the computational soundness is based on the security of the primitive via an efficient reduction


Summary

Introduction

Probabilistically checkable proofs (PCPs) are one of the greatest successes of the interaction between complexity theory and the foundations of cryptography. The question we study here has previously been considered by Ishai, Kushilevitz and Ostrovsky [IKO]. They showed that by using a stronger cryptographic primitive, namely (additively) homomorphic encryption rather than collision-resistant hashing, it is possible to construct somewhat efficient arguments using the simpler, exponential-length "Hadamard PCP" [ALM+] rather than the polynomial-length PCPs of the full PCP Theorem. Throughout, we assume a secure implementation of the cryptographic primitive in the usual sense, e.g. that collision-resistant hash functions or homomorphic encryption schemes exist, with whatever security parameter the underlying argument system uses (typically polylog(n), to achieve polylogarithmic communication) and with security against poly(n)-time adversaries.
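The "Hadamard PCP" referred to above, as an added worked example that is not part of the paper: a toy prover and verifier for satisfiability of a system of quadratic equations over GF(2), the NP-complete problem that the Hadamard-based PCP of [ALM+] is built for. The prover publishes the Hadamard encodings of a witness w and of its tensor square w ⊗ w, which is where the exponential length (2^n + 2^(n^2) bits) comes from; the verifier reads only a constant number of entries per repetition. All function names, the three-equation instance and the choice of a single round of each test per repetition are constructed for this illustration.

```python
"""Toy Hadamard PCP for a system of quadratic equations over GF(2).

Added illustration with hypothetical names; not code from the paper.
"""
import random
from itertools import product


def dot(a, b):
    """Inner product over GF(2)."""
    return sum(x & y for x, y in zip(a, b)) & 1


def add(a, b):
    """Vector sum over GF(2) (bitwise XOR)."""
    return tuple(x ^ y for x, y in zip(a, b))


def tensor(a, b):
    """Outer product a ⊗ b, flattened row-major."""
    return tuple(x & y for x in a for y in b)


def hadamard(w):
    """Hadamard (Walsh-Hadamard) encoding: the table r -> <w, r> over every r in {0,1}^len(w).

    The table has 2^len(w) entries; for w ⊗ w that is 2^(n^2), the exponential blow-up."""
    return {r: dot(w, r) for r in product((0, 1), repeat=len(w))}


def equation(n, quad=(), lin=(), rhs=0):
    """Encode  sum of w_i*w_j (quad) + sum of w_i (lin) = rhs  as (Q, c) with <Q, w ⊗ w> = c.

    Over GF(2) w_i = w_i^2, so each linear term lands on the diagonal of Q."""
    Q = [0] * (n * n)
    for i, j in quad:
        Q[i * n + j] ^= 1
    for i in lin:
        Q[i * n + i] ^= 1
    return tuple(Q), rhs & 1


def hadamard_pcp_prove(w):
    """Honest prover: proof = (Hadamard(w), Hadamard(w ⊗ w))."""
    w = tuple(w)
    return hadamard(w), hadamard(tensor(w, w))


def _rand_vec(n, rng):
    return tuple(rng.randrange(2) for _ in range(n))


def _self_correct(table, x, rng):
    """Read a nearly-linear table at x through a random shift, so a cheating prover
    cannot plant wrong answers at the few positions the verifier is known to read."""
    s = _rand_vec(len(x), rng)
    return table[add(x, s)] ^ table[s]


def _linearity_test(table, n, rng):
    r1, r2 = _rand_vec(n, rng), _rand_vec(n, rng)
    return table[r1] ^ table[r2] == table[add(r1, r2)]


def hadamard_pcp_verify(proof, equations, n, seed=0, reps=1):
    """Probabilistic verifier: each repetition rejects a false claim with constant probability.

    `equations` is a list of (Q, c) built by equation(); the verifier never sees w itself."""
    rng = random.Random(seed)
    f, g = proof
    for _ in range(reps):
        # (1) both tables must be close to linear functions
        if not _linearity_test(f, n, rng) or not _linearity_test(g, n * n, rng):
            return False
        # (2) g must encode the tensor square of what f encodes: <w,r1><w,r2> = <w ⊗ w, r1 ⊗ r2>
        r1, r2 = _rand_vec(n, rng), _rand_vec(n, rng)
        lhs = _self_correct(f, r1, rng) & _self_correct(f, r2, rng)
        if lhs != _self_correct(g, tensor(r1, r2), rng):
            return False
        # (3) a random GF(2) combination of the equations must hold for the encoded w ⊗ w;
        #     if even one equation is violated, the combination fails with probability 1/2
        Q, c = (0,) * (n * n), 0
        for Qk, ck in equations:
            if rng.randrange(2):
                Q, c = add(Q, Qk), c ^ ck
        if _self_correct(g, Q, rng) != c:
            return False
    return True


# Constructed toy instance (n = 3): w0*w1 = 1, w1*w2 = 0, w0 + w2 = 1.  w = (1, 1, 0) satisfies it.
N = 3
EQS = [equation(N, quad=[(0, 1)], rhs=1),
       equation(N, quad=[(1, 2)], rhs=0),
       equation(N, lin=[0, 2], rhs=1)]


def accept_rate(w, trials=32, reps=8):
    """Fraction of independent verifier runs that accept the honest encoding of witness w."""
    proof = hadamard_pcp_prove(w)
    return sum(hadamard_pcp_verify(proof, EQS, N, seed=t, reps=reps) for t in range(trials)) / trials


if __name__ == "__main__":
    f, g = hadamard_pcp_prove((1, 1, 0))
    print("proof length:", len(f), "+", len(g), "bits")       # 2^3 + 2^9
    print("valid witness   (1,1,0):", accept_rate((1, 1, 0)))  # 1.0
    print("invalid witness (1,1,1):", accept_rate((1, 1, 1)))  # close to 0
```

The invalid witness (1, 1, 1) is encoded perfectly honestly, so the linearity and tensor tests pass; only the equation check catches it, with probability 1/2 per repetition, which is why `reps` must be increased for a negligible soundness error. The point relevant to the paragraph is the locality: the verifier touches a constant number of entries of tables that are exponentially long, and it is this access pattern, rather than the tables themselves, that an argument system built on a cryptographic primitive has to emulate.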

Preliminaries and Definitions
Cryptographic Primitives and Reductions
Discussion
A Generic Transformation
Constructions Under Cryptographic Assumptions
Weakening or Eliminating Computational Assumptions
Bounded-Adversary PRFs and CRHFs
Instantiations Using Bounded Adversary Primitives
A. Known Argument Constructions

