Rationality and Efficient Verifiable Computation

RATIONALITY AND EFFICIENT VERIFIABLE COMPUTATION by MATTEO CAMPANELLI Advisor: Professor Rosario Gennaro In this thesis, we study protocols for delegating computation in a model where one of the parties is rational. In our model, a delegator outsources the computation of a function f on input x to a worker, who receives a (possibly monetary) reward. Our goal is to design very efficient delegation schemes where a worker is economically incentivized to provide the correct result f(x). In this work we strive for not relying on cryptographic assumptions, in particular our results do not require the existence of one-way functions. We provide several results within the framework of rational proofs introduced by Azar and Micali (STOC 2012). We make several contributions to efficient rational proofs for general feasible computations. First, we design schemes with a sublinear verifier with low round and communication complexity for space-bounded computations. Second, we provide evidence, as lower bounds, against the existence of rational proofs: with logarithmic communication and polylogarithmic verification for P and with polylogarithmic communication for NP. We then move to study the case where a delegator outsources multiple inputs. First, we formalize an extended notion of rational proofs for this scenario (sequential composability) and we show that existing schemes do not satisfy it. We show how these protocols incentivize workers to provide many “fast” incorrect answers which allow them to solve more problems and collect more rewards. We then design a d-rounds rational proof for sufficiently “regular” arithmetic circuit of depth d = O(log n) with sublinear verification. We show, that under certain cost assumptions, our scheme is sequentially composable, i.e. it can be used to delegate multiple inputs. We finally show

[1]  Jason Teutsch,et al.  Demystifying Incentives in the Consensus Computer , 2015, CCS.

[2]  Alon Rosen,et al.  Rational Sumchecks , 2015, TCC.

[3]  Silvio Micali,et al.  The knowledge complexity of interactive proof-systems , 1985, STOC '85.

[4]  Periklis A. Papakonstantinou Constructions, Lower Bounds, and New Directions in Cryptography and Computational Complexity , 2010 .

[5]  Guy N. Rothblum,et al.  Constant-Round Interactive Proofs for Delegating Computation , 2016, Electron. Colloquium Comput. Complex..

[6]  Andrew J. Blumberg,et al.  Verifying computations without reexecuting them , 2015, Commun. ACM.

[7]  Yuval Ishai,et al.  Randomizing polynomials: A new representation with applications to round-efficient secure computation , 2000, Proceedings 41st Annual Symposium on Foundations of Computer Science.

[8]  Russell Impagli A Personal View of Average-Case Complexity , 1995 .

[9]  Torben Hagerup Fast Parallel Generation of Random Permutations , 1991, ICALP.

[10]  Guy N. Rothblum,et al.  Verifying and decoding in constant depth , 2007, STOC '07.

[11]  R. Raz,et al.  How to delegate computations: the power of no-signaling proofs , 2014, Electron. Colloquium Comput. Complex..

[12]  Moti Yung,et al.  Non-interactive cryptocomputing for NC/sup 1/ , 1999, 40th Annual Symposium on Foundations of Computer Science (Cat. No.99CB37039).

[13]  David S. Johnson,et al.  The NP-completeness column: The many limits on approximation , 2006, TALG.

[14]  Noam Nisan,et al.  Pseudorandom generators for space-bounded computation , 1992, Comb..

[15]  Maxim Sviridenko,et al.  Maximum Quadratic Assignment Problem: Reduction from Maximum Label Cover and LP-based Approximation Algorithm , 2010, TALG.

[16]  Alon Rosen,et al.  Rational arguments: single round delegation with sublinear verification , 2014, ITCS.

[17]  Eli Upfal,et al.  Constructing a perfect matching is in random NC , 1985, STOC '85.

[18]  A. Razborov Lower bounds on the size of bounded depth circuits over a complete basis with logical addition , 1987 .

[19]  Guy N. Rothblum,et al.  Delegating computation reliably: paradigms and constructions , 2009 .

[20]  Joseph Y. Halpern I Don't Want to Think About it Now: Decision Theory with Costly Computation , 2010, KR.

[21]  Ralph C. Merkle,et al.  Secure communications over insecure channels , 1978, CACM.

[22]  Johan Håstad One-Way Permutations in NC0 , 1987, Inf. Process. Lett..

[23]  Subhash Khot,et al.  Better Inapproximability Results for MaxClique, Chromatic Number and Min-3Lin-Deletion , 2006, ICALP.

[24]  Uzi Vishkin,et al.  Converting high probability into nearly-constant time—with applications to parallel hashing , 1991, STOC '91.