TY - GEN
T1 - Dot-Product Proofs and Their Applications
AU - Bitansky, Nir
AU - Harsha, Prahladh
AU - Ishai, Yuval
AU - Rothblum, Ron D.
AU - Wu, David J.
N1 - Publisher Copyright:
© 2024 IEEE.
PY - 2024
Y1 - 2024
N2 - A dot-product proof (DPP) is a simple probabilistic proof system in which the input statement x and the proof π are vectors over a finite field F, and the proof is verified by making a single dot-product query q, (xπ) jointly to x and π. A DPP can be viewed as a 1-query fully linear PCP. We study the feasibility and efficiency of D PPs, obtaining the following results: •Small-field DPP. For any finite field F and Boolean circuit C of size S, there is a D PP for proving that there exists w such that C(x,w)=1 with a proof π of length S· poly(|F|) and soundness error ϵ=O(1/√{|F}|}). We show this error to be asymptotically optimal. In particular, and in contrast to the best known PCPs, there exist strictly linear-length DPPs over constant-size fields. •Large-field DPP. If |F|≥ poly (S/ϵ), there is a similar DPP with soundness error ϵ and proof length O(S) (in field elements). The above results do not rely on the PCP theorem and their proofs are considerably simpler. We apply our DPP constructions toward two kinds of applications. •Hardness of approximation. We obtain a simple proof for the NP-hardness of approximating MAXLIN (with dense instances) over any finite field F up to some constant factor c > 1, independent of F. Unlike previous PCP-based proofs, our proof yields exponential-time hardness under the exponential time hypothesis (ETH). •Succinct arguments. We improve the concrete efficiency of succinct interactive arguments in the generic group model using input-independent preprocessing. In particular, the communication is comparable to sending two group elements and the verifier's computation is dominated by a single group exponentiation. We also show how to use DPPs together with linear-only encryption to construct succinct commit-and-prove arguments.
AB - A dot-product proof (DPP) is a simple probabilistic proof system in which the input statement x and the proof π are vectors over a finite field F, and the proof is verified by making a single dot-product query q, (xπ) jointly to x and π. A DPP can be viewed as a 1-query fully linear PCP. We study the feasibility and efficiency of D PPs, obtaining the following results: •Small-field DPP. For any finite field F and Boolean circuit C of size S, there is a D PP for proving that there exists w such that C(x,w)=1 with a proof π of length S· poly(|F|) and soundness error ϵ=O(1/√{|F}|}). We show this error to be asymptotically optimal. In particular, and in contrast to the best known PCPs, there exist strictly linear-length DPPs over constant-size fields. •Large-field DPP. If |F|≥ poly (S/ϵ), there is a similar DPP with soundness error ϵ and proof length O(S) (in field elements). The above results do not rely on the PCP theorem and their proofs are considerably simpler. We apply our DPP constructions toward two kinds of applications. •Hardness of approximation. We obtain a simple proof for the NP-hardness of approximating MAXLIN (with dense instances) over any finite field F up to some constant factor c > 1, independent of F. Unlike previous PCP-based proofs, our proof yields exponential-time hardness under the exponential time hypothesis (ETH). •Succinct arguments. We improve the concrete efficiency of succinct interactive arguments in the generic group model using input-independent preprocessing. In particular, the communication is comparable to sending two group elements and the verifier's computation is dominated by a single group exponentiation. We also show how to use DPPs together with linear-only encryption to construct succinct commit-and-prove arguments.
KW - ETH hardness
KW - dot-product proofs
KW - linear PCPs
KW - succinct arguments
UR - https://www.scopus.com/pages/publications/85213027777
U2 - 10.1109/FOCS61266.2024.00057
DO - 10.1109/FOCS61266.2024.00057
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:85213027777
T3 - Proceedings - Annual IEEE Symposium on Foundations of Computer Science, FOCS
SP - 806
EP - 825
BT - Proceedings - 2024 IEEE 65th Annual Symposium on Foundations of Computer Science, FOCS 2024
PB - IEEE Computer Society
T2 - 65th IEEE Annual Symposium on Foundations of Computer Science, FOCS 2024
Y2 - 27 October 2024 through 30 October 2024
ER -