Paper 2023/1378

Advisor-Verifier-Prover Games and the Hardness of Information Theoretic Cryptography

Benny Applebaum, Tel Aviv University
Oded Nir, Tel Aviv University
Abstract

A major open problem in information-theoretic cryptography is to obtain a super-polynomial lower bound for the communication complexity of basic cryptographic tasks. This question is wide open even for very powerful non-interactive primitives such as private information retrieval (or locally-decodable codes), general secret sharing schemes, conditional disclosure of secrets, and fully-decomposable randomized encoding (or garbling schemes). In fact, for all these primitives we do not even have super-linear lower bounds. Furthermore, it is unknown how to relate these questions to each other or to other complexity-theoretic questions. In this note, we relate all these questions to the classical topic of query/space trade-offs, lifted to the setting of interactive proof systems. Specifically, we consider the following Advisor-Verifier-Prover (AVP) game: First, a function is given to the advisor who computes an advice . Next, an input is given to the verifier and to the prover who claims that . The verifier should check this claim via a single round of interaction based on the private advice and without having any additional information on . We focus on the case where the prover is laconic and communicates only a constant number of bits, and, mostly restrict the attention to the simplest, purely information-theoretic setting, where all parties are allowed to be computationally unbounded. The goal is to minimize the total communication complexity which is dominated by the length of the advice plus the length of the verifier's query. As our main result, we show that a super-polynomial lower bound for AVPs implies a super-polynomial lower bound for a wide range of information-theoretic cryptographic tasks. In particular, we present a communication-efficient transformation from any of the above primitives into an AVP protocol. Interestingly, each primitive induces some additional property over the resulting protocol. Thus AVP games form a new common yardstick that highlights the differences between all the above primitives. Equipped with this view, we revisit the existing (somewhat weak) lower bounds for the above primitives, and show that many of these lower bounds can be unified by proving a single counting-based lower bound on the communication of AVPs, whereas some techniques are inherently limited to specific domains. The latter is shown by proving the first polynomial separations between the complexity of secret-sharing schemes and conditional disclosure of secrets and between the complexity of randomized encodings and conditional disclosure of secrets.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
Information Theoretic CryptographySecret SharingPrivate Information RetrievalInteractive Proof Systems
Contact author(s)
benny applebaum @ gmail com
odednir123 @ gmail com
History
2023-09-15: approved
2023-09-14: received
See all versions
Short URL
https://ia.cr/2023/1378
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2023/1378,
      author = {Benny Applebaum and Oded Nir},
      title = {Advisor-Verifier-Prover Games and the Hardness of Information Theoretic Cryptography},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1378},
      year = {2023},
      url = {https://eprint.iacr.org/2023/1378}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.