Infeasibility of instance compression and succinct PCPs for NP
STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
Remote Integrity Check with Dishonest Storage Server
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Incompressibility through Colors and IDs
ICALP '09 Proceedings of the 36th International Colloquium on Automata, Languages and Programming: Part I
Lower Bounds for Kernelizations and Other Preprocessing Procedures
CiE '09 Proceedings of the 5th Conference on Computability in Europe: Mathematical Theory and Computational Practice
On problems without polynomial kernels
Journal of Computer and System Sciences
Reducing Complexity Assumptions for Oblivious Transfer
IWSEC '09 Proceedings of the 4th International Workshop on Security: Advances in Information and Computer Security
A survey of single-database private information retrieval: techniques and applications
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
One-way permutations, interactive hashing and statistically hiding commitments
TCC'07 Proceedings of the 4th conference on Theory of cryptography
On seed-incompressible functions
TCC'08 Proceedings of the 5th conference on Theory of cryptography
A linear lower bound on the communication complexity of single-server private information retrieval
TCC'08 Proceedings of the 5th conference on Theory of cryptography
Satisfiability allows no nontrivial sparsification unless the polynomial-time hierarchy collapses
Proceedings of the forty-second ACM symposium on Theory of computing
SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
Infeasibility of instance compression and succinct PCPs for NP
Journal of Computer and System Sciences
The leakage-resilience limit of a computational problem is equal to its unpredictability entropy
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
Black-box reductions and separations in cryptography
AFRICACRYPT'12 Proceedings of the 5th international conference on Cryptology in Africa
Instance compression for the polynomial hierarchy and beyond
IPEC'12 Proceedings of the 7th international conference on Parameterized and Exact Computation
Hi-index | 0.00 |
We initiate the study of compression that preserves the solution to an instance of a problem rather than preserving the instance itself. Our focus is on the compressibility of NP decision problems. We consider NP problems that have long instances but relatively short witnesses. The question is, can one efficiently compress an instance and store a shorter representation that maintains the information of whether the original input is in the language or not. We want the length of the compressed instance to be polynomial in the length of the witness rather than the length of original input. Such compression enables to succinctly store instances until a future setting will allow solving them, either via a technological or algorithmic breakthrough or simply until enough time has elapsed. We give a new classification of NP with respect to compression. This classification forms a stratification of NP that we call the VC hierarchy. The hierarchy is based on a new type of reduction called W-reduction and there are compression-complete problems for each class. Our motivation for studying this issue stems from the vast cryptographic implications compressibility has. For example, we say that SAT is compressible if there exists a polynomial p(·, ·) so that given a formula consisting of m clauses over n variables it is possible to come up with an equivalent (w.r.t satisfiability) formula of size at most p(n, logm). Then given a compression algorithm for SAT we provide a construction of collision resistant hash functions from any one-way function. This task was shown to be impossible via black-box reductions [41], and indeed the construction presented is inherently non-black-box. Another application of SAT compressibility is a cryptanalytic result concerning the limitation of everlasting security in the bounded storage model when mixed with (time) complexity based cryptography. In addition, we study an approach to constructing an Oblivious Transfer Protocol from any one-way function. This approach is based on compression for SAT that also has a property that we call witness retrievability. However, we mange to prove severe limitations on the ability to achieve witness retrievable compression of SAT.