Universal equivalence and majority of probabilistic programs over finite fields

We study decidability problems for equivalence of probabilistic programs, for a core probabilistic programming language over finite fields of fixed characteristic. The programming language supports uniform sampling, addition, multiplication and conditionals and thus is sufficiently expressive to encode boolean and arithmetic circuits. We consider two variants of equivalence: the first one considers an interpretation over the finite field Fq, while the second one, which we call universal equivalence, verifies equivalence over all extensions Fqk of Fq. The universal variant typically arises in provable cryptography when one wishes to prove equivalence for any length of bitstrings, i.e., elements of F2k for any k. While the first problem is obviously decidable, we establish its exact complexity which lies in the counting hierarchy. To show decidability, and a doubly exponential upper bound, of the universal variant we rely on results from algorithmic number theory and the possibility to compare local zeta functions associated to given polynomials. Finally we study several variants of the equivalence problem, including a problem we call majority, motivated by differential privacy.

[1]  Mike Rosulek,et al.  Linicrypt: A Model for Practical Cryptography , 2016, CRYPTO.

[2]  Yehuda Lindell,et al.  Tutorials on the Foundations of Cryptography , 2017 .

[3]  Catarina I. Kiefe Sets definable over finite fields: their zeta-functions , 1976 .

[4]  Will Johnson,et al.  Fun with Fields , 2016 .

[5]  Bernard Dwork,et al.  On the Rationality of the Zeta Function of an Algebraic Variety , 1960 .

[6]  Joël Ouaknine,et al.  On Automated Verification of Probabilistic Programs , 2008, TACAS.

[7]  Benjamin Grégoire,et al.  Symbolic Methods in Computational Cryptography Proofs , 2019, 2019 IEEE 32nd Computer Security Foundations Symposium (CSF).

[8]  A. S. Murawski,et al.  Asymmetric Distances for Approximate Differential Privacy , 2019, CONCUR.

[9]  Charanjit S. Jutla,et al.  Decision Procedures for Simulatability , 2012, ESORICS.

[10]  Oded Goldreich,et al.  The bit extraction problem or t-resilient functions , 1985, 26th Annual Symposium on Foundations of Computer Science (sfcs 1985).

[11]  Steve Kremer,et al.  Decision problems on probabilistic programs over finite fields and all their extensions , 2020 .

[12]  Somesh Jha,et al.  Satisfiability modulo counting: a new approach for analyzing privacy properties , 2014, CSL-LICS.

[13]  Volker Weispfenning,et al.  Deciding polynomial-transcendental problems , 2012, J. Symb. Comput..

[14]  Timon Gehr,et al.  Fine-Grained Semantics for Probabilistic Programs , 2018, ESOP.

[15]  Joël Ouaknine,et al.  Positivity Problems for Low-Order Linear Recurrence Sequences , 2013, SODA.

[16]  Joël Ouaknine,et al.  On Probabilistic Program Equivalence and Refinement , 2005, CONCUR.

[17]  Bruce M. Kapron,et al.  On the Equality of Probabilistic Terms , 2010, LPAR.

[18]  Yehuda Lindell,et al.  How To Simulate It - A Tutorial on the Simulation Proof Technique , 2016, IACR Cryptol. ePrint Arch..

[19]  Tobias Nipkow,et al.  Unification in primal algebras, their powers and their varieties , 1990, JACM.

[20]  Benjamin Grégoire,et al.  Formal certification of code-based cryptographic proofs , 2009, POPL '09.

[21]  Igor E. Shparlinski,et al.  Operations on power series and linear recurrence sequences , 2003 .

[22]  Stefan Maubach,et al.  The automorphism group over finite fields , 2001 .

[23]  Jacobo Torán,et al.  Complexity classes defined by counting quantifiers , 1991, JACM.

[24]  Moshe Jarden,et al.  THE ELEMENTARY THEORY OF FINITE FIELDS , 2004 .

[25]  Alan G. B. Lauder,et al.  Counting points on varieties over finite fields of small characteristic , 2006, math/0612147.

[26]  Joël Ouaknine,et al.  Decision Problems for Linear Recurrence Sequences , 2012, SCSS.

[27]  Kobbi Nissim,et al.  The Complexity of Verifying Circuits as Differentially Private , 2019, ArXiv.

[28]  Vishal Jagannath Ravi Automated methods for checking differential privacy , 2019 .

[29]  J. Bourgain On Exponential Sums in Finite Fields , 2010 .

[30]  Oded Goldreich,et al.  The Bit Extraction Problem of t-Resilient Functions (Preliminary Version) , 1985, FOCS.

[31]  Jacobo Torán An oracle characterization of the counting hierarchy , 1988, [1988] Proceedings. Structure in Complexity Theory Third Annual Conference.

[32]  A. Weil Numbers of solutions of equations in finite fields , 1949 .

[33]  T. Shorey,et al.  The distance between terms of an algebraic recurrence sequence. , 1984 .

[34]  Michael L. Littman,et al.  The Computational Complexity of Probabilistic Planning , 1998, J. Artif. Intell. Res..