Interactive certificate for the verification of Wiedemann's Krylov sequence: application to the certification of the determinant, the minimal and the characteristic polynomials of sparse matrices

Certificates for a linear algebra computation are additional data structures for each output, which can be used by a (possibly randomized) verification algorithm that proves the correctness of each output. Wiedemann's algorithm projects the Krylov sequence obtained by repeatedly multiplying a vector by a matrix to obtain a linearly recurrent sequence. The minimal polynomial of this sequence divides the minimal polynomial of the matrix. For instance, if the n×n input matrix is sparse with $n^{1+o(1)}$ non-zero entries, the computation of the sequence is quadratic in the dimension of the matrix, while the computation of the minimal polynomial is $n^{1+o(1)}$ once the projected Krylov sequence is obtained. In this paper we give algorithms that compute certificates for the Krylov sequence of sparse or structured n×n matrices over an abstract field, whose Monte Carlo verification complexity can be made essentially linear. As an application, this gives certificates for the determinant, the minimal and the characteristic polynomials of sparse or structured matrices at the same cost.
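The projection step described above, as an added example that is not code from the paper and does not implement its certificates: it builds the sequence u^T A^i v for a small sparse matrix and recovers the sequence's minimal polynomial with Berlekamp-Massey. The field GF(10007), the 3×3 matrix, the projection vectors and all function names are constructed assumptions; the second projection is chosen so that the result is a proper divisor of the matrix's minimal polynomial.

```python
P = 10007  # constructed small prime; all arithmetic is in GF(P)

# Constructed sparse matrix, one {column: value} dict per row.
# Its minimal polynomial is (x-2)^2 (x-3) = x^3 - 7x^2 + 16x - 12.
A = [{0: 2, 1: 1}, {1: 2}, {2: 3}]

def matvec(A, v):
    """Sparse matrix-vector product mod P; cost is the number of non-zeros."""
    return [sum(a * v[j] for j, a in row.items()) % P for row in A]

def krylov_sequence(A, u, v, length):
    """Projected Krylov sequence s_i = u^T A^i v (mod P), i = 0..length-1."""
    seq = []
    for _ in range(length):
        seq.append(sum(x * y for x, y in zip(u, v)) % P)
        v = matvec(A, v)
    return seq

def berlekamp_massey(s):
    """Monic minimal polynomial of s over GF(P), coefficients low to high."""
    C, B, L, m, b = [1], [1], 0, 1, 1
    for n in range(len(s)):
        # Discrepancy between s[n] and what the current recurrence predicts.
        d = sum(C[j] * s[n - j] for j in range(len(C))) % P
        if d == 0:
            m += 1
            continue
        coef = d * pow(b, -1, P) % P
        T = C[:]
        C = C + [0] * (m + len(B) - len(C))
        for j, bj in enumerate(B):
            C[j + m] = (C[j + m] - coef * bj) % P
        if 2 * L <= n:
            L, B, b, m = n + 1 - L, T, d, 1
        else:
            m += 1
    # C is the connection polynomial; reversing it gives the minimal polynomial.
    return [C[L - k] if L - k < len(C) else 0 for k in range(L + 1)]

def sequence_minpoly(A, u, v):
    """2n terms suffice to determine a recurrence of order at most n."""
    return berlekamp_massey(krylov_sequence(A, u, v, 2 * len(A)))

if __name__ == "__main__":
    ones = [1, 1, 1]
    print(sequence_minpoly(A, ones, ones))       # full minimal polynomial
    print(sequence_minpoly(A, ones, [1, 0, 1]))  # proper divisor (x-2)(x-3)
```

Coefficients are printed as residues mod 10007, so -12 appears as 9995 and -5 as 10002.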
