Succinct Interactive Oracle Proofs: Applications and Limitations

Shafik Nassar, Ron D. Rothblum

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Interactive Oracle Proofs (IOP s) are a new type of proof-system that combines key properties of interactive proofs and PCP s: IOP s enable a verifier to be convinced of the correctness of a statement by interacting with an untrusted prover while reading just a few bits of the messages sent by the prover. IOP s have become very prominent in the design of efficient proof-systems in recent years. In this work we study succinct IOP s, which are IOP s in which the communication complexity is polynomial (or even linear) in the original witness. While there are strong impossibility results for the existence of succinct PCP s (i.e., PCP s whose length is polynomial in the witness), it is known that the rich class of NP relations that are decidable in small space have succinct IOP s. In this work we show both new applications, and limitations, for succinct IOP s: First, using one-way functions, we show how to compile IOP s into zero-knowledge proofs, while nearly preserving the proof length. This complements a recent line of work, initiated by Ben Sasson et al. (TCC, 2016B), who compile IOP s into super-succinct zero-knowledge arguments.Applying the compiler to the state-of-the-art succinct IOP s yields zero-knowledge proofs for bounded-space NP relations, with communication that is nearly equal to the original witness length. This yields the shortest known zero-knowledge proofs from the minimal assumption of one-way functions.Second, we give a barrier for obtaining succinct IOP s for more general NP relations. In particular, we show that if a language has a succinct IOP, then it can be decided in space that is proportionate only to the witness length, after a bounded-time probabilistic preprocessing. We use this result to show that under a simple and plausible (but to the best of our knowledge, new) complexity-theoretic conjecture, there is no succinct IOP for CSAT.

Original languageEnglish
Title of host publicationAdvances in Cryptology – CRYPTO 2022 - 42nd Annual International Cryptology Conference, CRYPTO 2022, Proceedings
EditorsYevgeniy Dodis, Thomas Shrimpton
PublisherSpringer Science and Business Media Deutschland GmbH
Pages504-532
Number of pages29
ISBN (Print)9783031158018
DOIs
StatePublished - 2022
Event42nd Annual International Cryptology Conference, CRYPTO 2022 - Santa Barbara, United States
Duration: 15 Aug 202218 Aug 2022

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume13507 LNCS

Conference

Conference42nd Annual International Cryptology Conference, CRYPTO 2022
Country/TerritoryUnited States
CitySanta Barbara
Period15/08/2218/08/22

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'Succinct Interactive Oracle Proofs: Applications and Limitations'. Together they form a unique fingerprint.

Cite this