Results 11  20
of
64
Subquadratic ZeroKnowledge
, 1995
"... We improve on the communication complexity of zeroknowledge proof systems. Let C be a boolean circuit of size n. Previous zeroknowledge proof systems for the satisfiability of C require the use of \Omega\Gamma kn) bit commitments in order to achieve a probability of undetected cheating below 2 \G ..."
Abstract

Cited by 13 (3 self)
 Add to MetaCart
We improve on the communication complexity of zeroknowledge proof systems. Let C be a boolean circuit of size n. Previous zeroknowledge proof systems for the satisfiability of C require the use of \Omega\Gamma kn) bit commitments in order to achieve a probability of undetected cheating below 2 \Gammak . In the case k = n, the communication complexity of these protocols is therefore\Omega\Gamma n 2 ) bit commitments. In this paper, we present a zeroknowledge proof system for achieving the same goal with only O(n 1+"n + k p n 1+"n ) bit commitments, where " n goes to zero as n goes to infinity. In the case k = n, this is O(n p n 1+"n ). Moreover, only O(k) commitments need ever be opened, which is interesting if it is substantially less expensive to commit to a bit than to open a commitment. A preliminary version of this paper appeared in the Proceedings of the 32nd Annual IEEE Symposium on Foundations of Computer Science, October 1991. y Supported in part by NSA Gr...
A probabilistic algorithm for verifying matrix products using o(n2) time and log2n+o(1) random bits
 Inf. Process. Lett
, 1993
"... ..."
On the Power of Randomized Ordered Branching Programs
, 1997
"... We define the notion of a randomized branching program in the natural way similar to the definition of a randomized circuit. We exhibit an explicit boolean function fn : f0; 1g n ! f0; 1g for which we prove that: 1) fn can be computed by polynomial size randomized readonce ordered branching progr ..."
Abstract

Cited by 9 (2 self)
 Add to MetaCart
We define the notion of a randomized branching program in the natural way similar to the definition of a randomized circuit. We exhibit an explicit boolean function fn : f0; 1g n ! f0; 1g for which we prove that: 1) fn can be computed by polynomial size randomized readonce ordered branching program with a small onesided error; 2) fn cannot be computed in polynomial size by nondeterministic ordered read A ktimes branching program for k = o(n= log n) (any nondeterministic ordered read A ktimes branching program that computes function fn has the size no less than 2 (n\Gamma1)=(2k\Gamma1) ). By read A ktimes branching program we define branching program with the property: no input variable appears more than k times on any consistent accepting computation path in the program. 1 Preliminaries and definitions Different models of branching program introduced in [18, 19], has been studied extensively in the last decade (see [25]). A survey of known lower bounds for different...
Randomized Synopses for Query Assurance on Data Streams
"... Due to the overwhelming flow of information in many data stream applications, many companies may not be willing to acquire the necessary resources for deploying a Data Stream Management System (DSMS), choosing, alternatively, to outsource the data stream and the desired computations to a thirdparty ..."
Abstract

Cited by 9 (2 self)
 Add to MetaCart
(Show Context)
Due to the overwhelming flow of information in many data stream applications, many companies may not be willing to acquire the necessary resources for deploying a Data Stream Management System (DSMS), choosing, alternatively, to outsource the data stream and the desired computations to a thirdparty. But data outsourcing and remote computations intrinsically raise issues of trust, making outsourced query assurance on data streams a problem with important practical implications. Consider a setting where a continuous “GROUP BY, SUM ” query is processed using a remote, untrusted server. A client with limited processing capabilities observing exactly the same stream as the server, registers the query on the server’s DSMS and receives results upon request. The client wants to verify the integrity of the results using significantly fewer resources than evaluating the query locally. Towards that goal, we propose a probabilistic verification algorithm for selection and aggregate/groupby queries, that uses constant space irrespective of the resultset size, has low update cost per stream element, and can have arbitrarily small probability of failure. We generalize this algorithm to allow some tolerance on the number of erroneous groups detected, in order to support semantic load shedding on the server. We also discuss the hardness of supporting random load shedding. Finally, we implement our techniques and perform an empirical evaluation using live network traffic. 1
Probabilities to Accept Languages by Quantum Finite Automata. COCOON
 Lecture Notes in Computer Science,
, 1999
"... ..."
Testing Multivariate Linear Functions: Overcoming the Generator Bottleneck
 Proc. 27th STOC
, 1994
"... The problem of testing program correctness has received considerable attention in computer science. One approach to this problem is the notion of selftesting programs [BLR90]. Selftesting usually becomes more costly in the case of testing multivariate functions. In this paper we present efficien ..."
Abstract

Cited by 8 (1 self)
 Add to MetaCart
(Show Context)
The problem of testing program correctness has received considerable attention in computer science. One approach to this problem is the notion of selftesting programs [BLR90]. Selftesting usually becomes more costly in the case of testing multivariate functions. In this paper we present efficient methods for selftesting multivariate linear functions. We then apply these methods to several multivariate linear problems to construct efficient selftesters. Cornell University. email: ergun@cs.cornell.edu. This work is supported by ONR Young Investigator Award N000149310590 1 1 Introduction Selftesting/correcting programs, which were introduced in [BLR90], are a powerful tool for attacking the problem of program correctness. Various problems have been shown to have selftesters and selfcorrectors[BLR90][BF90][Lip91][CL90][GLRSW91][RS92][RS93]. In this paper we investigate the problem of selftesting multivariate linear functions, i.e., given a multivariate linear function f a...
Tests and Tolerances for HighPerformance SoftwareImplemented Fault Detection
 IEEE Transactions on Computers, V. 52, N
, 2003
"... Abstract—We describe and test a software approach to fault detection in common numerical algorithms. Such result checking or algorithmbased fault tolerance (ABFT) methods may be used, for example, to overcome singleevent upsets in computational hardware or to detect errors in complex, highefficie ..."
Abstract

Cited by 8 (1 self)
 Add to MetaCart
(Show Context)
Abstract—We describe and test a software approach to fault detection in common numerical algorithms. Such result checking or algorithmbased fault tolerance (ABFT) methods may be used, for example, to overcome singleevent upsets in computational hardware or to detect errors in complex, highefficiency implementations of the algorithms. Following earlier work, we use checksum methods to validate results returned by a numerical subroutine operating subject to unpredictable errors in data. We consider common matrix and Fourier algorithms which return results satisfying a necessary condition having a linear form; the checksum tests compliance with this condition. We discuss the theory and practice of setting numerical tolerances to separate errors caused by a fault from those inherent in finiteprecision floatingpoint calculations. We concentrate on comprehensively defining and evaluating tests having various accuracy/computational burden tradeoffs, and we emphasize averagecase algorithm behavior rather than using worstcase upper bounds on error. Index Terms—Algorithmbased fault tolerance, result checking, error analysis, aerospace, parallel numerical algorithms. æ
SelfTesting Without The Generator Bottleneck
 SIAM J. on Computing
, 1995
"... Suppose P is a program designed to compute a function f defined on a group G. The task of selftesting P , that is, testing if P computes f correctly on most inputs, usually involves testing explicitly if P computes f correctly on every generator of G. In the case of multivariate functions, the numb ..."
Abstract

Cited by 7 (2 self)
 Add to MetaCart
Suppose P is a program designed to compute a function f defined on a group G. The task of selftesting P , that is, testing if P computes f correctly on most inputs, usually involves testing explicitly if P computes f correctly on every generator of G. In the case of multivariate functions, the number of generators, and hence the number of such tests, becomes prohibitively large. We refer to this problem as the generator bottleneck . We develop a technique that can be used to overcome the generator bottleneck for functions that have a certain nice structure, specifically if the relationship between the values of the function on the set of generators is easily checkable. Using our technique, we build the first efficient selftesters for many linear, multilinear, and some nonlinear functions. This includes the FFT, and various polynomial functions. All of the selftesters we present make only O(1) calls to the program that is being tested. As a consequence of our techniques, we also obtain efficient program resultcheckers for all these problems.
Delegating computation reliably: Paradigms and Constructions
, 2009
"... In an emerging computing paradigm, computational capabilities, from processing power to storage capacities, are offered to users over communication networks as a service. This new paradigm holds enormous promise for increasing the utility of computationally weak devices. A natural approach is for we ..."
Abstract

Cited by 7 (1 self)
 Add to MetaCart
In an emerging computing paradigm, computational capabilities, from processing power to storage capacities, are offered to users over communication networks as a service. This new paradigm holds enormous promise for increasing the utility of computationally weak devices. A natural approach is for weak devices to delegate expensive tasks, such as storing a large file or running a complex computation, to more powerful entities (say servers) connected to the same network. While the delegation approach seems promising, it raises an immediate concern: when and how can a weak device verify that a computational task was completed correctly? This practically motivated question touches on foundational questions in cryptography and complexity theory. The focus of this thesis is verifying the correctness of delegated computations. We construct efficient protocols (interactive proofs) for delegating computational tasks. In particular, we present: e A protocol for delegating any computation, where the work needed to verify the correctness of the output is linear in the input length, polynomial in the computation's