Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Parallel repetition of computationally sound protocols revisited
Ecole Normale Super, Dept Informat, Paris, France .
ETH Zürich, Department of Computer Science.ORCID iD: 0000-0003-4157-1371
2007 (English)In: THEORY OF CRYPTOGRAPHY, PROCEEDINGS, 2007, 86-102 p.Conference paper, Published paper (Refereed)
Abstract [en]

Parallel repetition is well known to reduce the error probability at an exponential rate for single- and multi-prover interactive proofs. Bellare, Impagliazzo and Naor (1997) show that this is also true for protocols where the soundness only holds against computationally bounded provers (e.g. interactive arguments) if the protocol has at most three rounds. On the other hand, for four rounds they give a protocol where this is no longer the case: the error probability does not; decrease below some constant even if the protocol is repeated a polynomial number of times. Unfortunately, this protocol is not very convincing as the communication complexity of each instance of the protocol grows linearly with the number of repetitions, and for such protocols the error does not even decrease for some types of interactive proofs. Noticing this, Bellare et al. construct (a quite artificial) oracle relative to which a four round protocol exists whose communication complexity does not depend on the number of parallel repetitions. This shows that there is no "black-box" error reduction theorem for four round protocols. In this paper we give the first computationally sound protocol where k-fold parallel repetition does not decrease the error probability below some constant for any polynomial k (and where the communication complexity does not depend on k). The protocol has eight rounds and uses the universal arguments of Barak and Goldreich (2001). We also give another four round protocol relative to an oracle, unlike the artificial oracle of Bellare et al., we just need a generic group. This group can then potentially be instantiated with some real group satisfying some well defined hardness assumptions (we do not know of any candidate for such a group at the moment).

Place, publisher, year, edition, pages
2007. 86-102 p.
Series
Lecture Notes in Computer Science, ISSN 0302-9743
National Category
Computer and Information Science
Identifiers
URN: urn:nbn:se:kth:diva-50888ISI: 000245275900005OAI: oai:DiVA.org:kth-50888DiVA: diva2:462978
Conference
4th Theory of Cryptography Conference. Amsterdam, NETHERLANDS. FEB 21-24, 2007
Note
QC 20111209Available from: 2011-12-08 Created: 2011-12-08 Last updated: 2011-12-09Bibliographically approved

Open Access in DiVA

No full text

Authority records BETA

Wikström, Douglas

Search in DiVA

By author/editor
Wikström, Douglas
Computer and Information Science

Search outside of DiVA

GoogleGoogle Scholar

urn-nbn

Altmetric score

urn-nbn
Total: 16 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf