Results 11  20
of
1,927
NonDeterministic Exponential Time has TwoProver Interactive Protocols
"... We determine the exact power of twoprover interactive proof systems introduced by BenOr, Goldwasser, Kilian, and Wigderson (1988). In this system, two allpowerful noncommunicating provers convince a randomizing polynomial time verifier in polynomial time that the input z belongs to the language ..."
Abstract

Cited by 402 (40 self)
 Add to MetaCart
We determine the exact power of twoprover interactive proof systems introduced by BenOr, Goldwasser, Kilian, and Wigderson (1988). In this system, two allpowerful noncommunicating provers convince a randomizing polynomial time verifier in polynomial time that the input z belongs to the language L. It was previously suspected (and proved in a relativized sense) that coNPcomplete languages do not admit such proof systems. In sharp contrast, we show that the class of languages having twoprover interactive proof systems is nondeterministic exponential time. After the recent results that all languages in PSPACE have single prover interactive proofs (Lund, Fortnow, Karloff, Nisan, and Shamir), this represents a further step demonstrating the unexpectedly immense power of randomization and interaction in efficient provability. Indeed, it follows that multiple provers with coins are strictly stronger than without, since NEXP # NP. In particular, for the first time, provably polynomial time intractable languages turn out to admit “efficient proof systems’’ since NEXP # P. We show that to prove membership in languages in EXP, the honest provers need the power of EXP only. A consequence, linking more standard concepts of structural complexity, states that if EX P has polynomial size circuits then EXP = Cg = MA. The first part of the proof of the main result extends recent techniques of polynomial extrapolation of truth values used in the single prover case. The second part is a verification scheme for multilinearity of an nvariable function held by an oracle and can be viewed as an independent result on program verification. Its proof rests on combinatorial techniques including the estimation of the expansion rate of a graph.
A Separator Theorem for Planar Graphs f
, 1977
"... Let G be any nvertex planar graph. We prove that the vertices of G can be partitioned into three sets A, B, C such that no edge joins a vertex in A with a vertex in B, neither A nor B contains more than 2n/3 vertices, and C contains no more than 2& & vertices. We exhibit an algorithm which finds su ..."
Abstract

Cited by 397 (1 self)
 Add to MetaCart
Let G be any nvertex planar graph. We prove that the vertices of G can be partitioned into three sets A, B, C such that no edge joins a vertex in A with a vertex in B, neither A nor B contains more than 2n/3 vertices, and C contains no more than 2& & vertices. We exhibit an algorithm which finds such a partition A, B, C in O(n) time.
Proofs that Yield Nothing but Their Validity or All Languages in NP Have ZeroKnowledge Proof Systems
 Journal of the ACM
, 1991
"... Abstract. In this paper the generality and wide applicability of Zeroknowledge proofs, a notion introduced by Goldwasser, Micali, and Rackoff is demonstrated. These are probabilistic and interactive proofs that, for the members of a language, efficiently demonstrate membership in the language witho ..."
Abstract

Cited by 377 (47 self)
 Add to MetaCart
Abstract. In this paper the generality and wide applicability of Zeroknowledge proofs, a notion introduced by Goldwasser, Micali, and Rackoff is demonstrated. These are probabilistic and interactive proofs that, for the members of a language, efficiently demonstrate membership in the language without conveying any additional knowledge. All previously known zeroknowledge proofs were only for numbertheoretic languages in NP fl CONP. Under the assumption that secure encryption functions exist or by using “physical means for hiding information, ‘ ‘ it is shown that all languages in NP have zeroknowledge proofs. Loosely speaking, it is possible to demonstrate that a CNF formula is satisfiable without revealing any other property of the formula, in particular, without yielding neither a
Interprocedural Dataflow Analysis via Graph Reachability
, 1994
"... This paper shows howalarge class of interprocedural dataflowanalysis problems can be solved precisely in polynomial time. The only restrictions are that the set of dataflow facts is a finite set, and that the dataflow functions distribute overthe confluence operator (either union or intersection). ..."
Abstract

Cited by 373 (33 self)
 Add to MetaCart
This paper shows howalarge class of interprocedural dataflowanalysis problems can be solved precisely in polynomial time. The only restrictions are that the set of dataflow facts is a finite set, and that the dataflow functions distribute overthe confluence operator (either union or intersection). This class of problems includesbut is not limited tothe classical separable problems (also known as "gen/kill" or "bitvector" problems)e.g.,reaching definitions, available expressions, and live variables. In addition, the class of problems that our techniques handle includes manynonseparable problems, including trulylive variables, copyconstant propagation, and possiblyuninitialized variables. Anovelaspect of our approach is that an interprocedural dataflowanalysis problem is transformed into a special kind of graphreachability problem (reachability along interprocedurally realizable paths). The paper presents three polynomialtime algorithms for the realizablepath reachability problem: an exhaustive version, a second exhaustive version that may be more appropriate in the incremental and/or interactive context, and a demand version. The first and third of these algorithms are asymptotically faster than the best previously known realizablepath reachability algorithm. An additional benefit of our techniques is that theylead to improved algorithms for twoother kinds of interprocedural analysis problems: interprocedural flowsensitive sideeffect problems (as studied by Callahan) and interprocedural program slicing (as studied by Horwitz, Reps, and Binkley).
Model Checking for Programming Languages using VeriSoft
 IN PROCEEDINGS OF THE 24TH ACM SYMPOSIUM ON PRINCIPLES OF PROGRAMMING LANGUAGES
, 1997
"... Verification by statespace exploration, also often referred to as "model checking", is an effective method for analyzing the correctness of concurrent reactive systems (e.g., communication protocols). Unfortunately, existing modelchecking techniques are restricted to the verification of properties ..."
Abstract

Cited by 369 (12 self)
 Add to MetaCart
Verification by statespace exploration, also often referred to as "model checking", is an effective method for analyzing the correctness of concurrent reactive systems (e.g., communication protocols). Unfortunately, existing modelchecking techniques are restricted to the verification of properties of models, i.e., abstractions, of concurrent systems. In this paper, we discuss how model checking can be extended to deal directly with "actual" descriptions of concurrent systems, e.g., implementations of communication protocols written in programming languages such as C or C++. We then introduce a new search technique that is suitable for exploring the state spaces of such systems. This algorithm has been implemented in VeriSoft, a tool for systematically exploring the state spaces of systems composed of several concurrent processes executing arbitrary C code. As an example of application, we describe how VeriSoft successfully discovered an error in a 2500line C program controlling rob...
SelfTesting/Correcting with Applications to Numerical Problems
, 1990
"... Suppose someone gives us an extremely fast program P that we can call as a black box to compute a function f . Should we trust that P works correctly? A selftesting/correcting pair allows us to: (1) estimate the probability that P (x) 6= f(x) when x is randomly chosen; (2) on any input x, compute ..."
Abstract

Cited by 340 (26 self)
 Add to MetaCart
Suppose someone gives us an extremely fast program P that we can call as a black box to compute a function f . Should we trust that P works correctly? A selftesting/correcting pair allows us to: (1) estimate the probability that P (x) 6= f(x) when x is randomly chosen; (2) on any input x, compute f(x) correctly as long as P is not too faulty on average. Furthermore, both (1) and (2) take time only slightly more than Computer Science Division, U.C. Berkeley, Berkeley, California 94720, Supported by NSF Grant No. CCR 8813632. y International Computer Science Institute, Berkeley, California 94704 z Computer Science Division, U.C. Berkeley, Berkeley, California 94720, Supported by an IBM Graduate Fellowship and NSF Grant No. CCR 8813632. the original running time of P . We present general techniques for constructing simple to program selftesting /correcting pairs for a variety of numerical problems, including integer multiplication, modular multiplication, matrix multiplicatio...
An Efficient Unification Algorithm
 TRANSACTIONS ON PROGRAMMING LANGUAGES AND SYSTEMS (TOPLAS)
, 1982
"... The unification problem in firstorder predicate calculus is described in general terms as the solution of a system of equations, and a nondeterministic algorithm is given. A new unification algorithm, characterized by having the acyclicity test efficiently embedded into it, is derived from the nond ..."
Abstract

Cited by 336 (1 self)
 Add to MetaCart
The unification problem in firstorder predicate calculus is described in general terms as the solution of a system of equations, and a nondeterministic algorithm is given. A new unification algorithm, characterized by having the acyclicity test efficiently embedded into it, is derived from the nondeterministic one, and a PASCAL implementation is given. A comparison with other wellknown unification algorithms shows that the algorithm described here performs well in all cases.
Ownership Types for Flexible Alias Protection
 In ObjectOriented Programming, Systems, Languages, and Applications (OOPSLA
, 1998
"... Objectoriented programming languages allow interobject aliasing. Although necessary to construct linked data structures and networks of interacting objects, aliasing is problematic in that an aggregate object's state can change via an alias to one of its components, without the aggregate being awa ..."
Abstract

Cited by 332 (38 self)
 Add to MetaCart
Objectoriented programming languages allow interobject aliasing. Although necessary to construct linked data structures and networks of interacting objects, aliasing is problematic in that an aggregate object's state can change via an alias to one of its components, without the aggregate being aware of any aliasing. Ownership types form a static type system that indicates object ownership. This provides a flexible mechanism to limit the visibility of object references and restrict access paths to objects, thus controlling a system's dynamic topology. The type system is shown to be sound, and the specific aliasing properties that a system's object graph satisfies are formulated and proven invariant for welltyped programs. Keywords Alias protection, sharing, containment, ownership, representation exposure, programming language design 1
The relative efficiency of propositional proof systems
 Journal of Symbolic Logic
, 1979
"... http://www.jstor.org/about/terms.html. JSTOR's Terms and Conditions of Use provides, in part, that unless you have obtained prior permission, you may not download an entire issue of a journal or multiple copies of articles, and you may use content in the JSTOR archive only for your personal, noncom ..."
Abstract

Cited by 330 (5 self)
 Add to MetaCart
http://www.jstor.org/about/terms.html. JSTOR's Terms and Conditions of Use provides, in part, that unless you have obtained prior permission, you may not download an entire issue of a journal or multiple copies of articles, and you may use content in the JSTOR archive only for your personal, noncommercial use. Please contact the publisher regarding any further use of this work. Publisher contact information may be obtained at
Cryptographic Limitations on Learning Boolean Formulae and Finite Automata
 PROCEEDINGS OF THE TWENTYFIRST ANNUAL ACM SYMPOSIUM ON THEORY OF COMPUTING
, 1989
"... In this paper we prove the intractability of learning several classes of Boolean functions in the distributionfree model (also called the Probably Approximately Correct or PAC model) of learning from examples. These results are representation independent, in that they hold regardless of the syntact ..."
Abstract

Cited by 311 (16 self)
 Add to MetaCart
In this paper we prove the intractability of learning several classes of Boolean functions in the distributionfree model (also called the Probably Approximately Correct or PAC model) of learning from examples. These results are representation independent, in that they hold regardless of the syntactic form in which the learner chooses to represent its hypotheses. Our methods reduce the problems of cracking a number of wellknown publickey cryptosystems to the learning problems. We prove that a polynomialtime learning algorithm for Boolean formulae, deterministic finite automata or constantdepth threshold circuits would have dramatic consequences for cryptography and number theory: in particular, such an algorithm could be used to break the RSA cryptosystem, factor Blum integers (composite numbers equivalent to 3 modulo 4), and detect quadratic residues. The results hold even if the learning algorithm is only required to obtain a slight advantage in prediction over random guessing. The techniques used demonstrate an interesting duality between learning and cryptography. We also apply our results to obtain strong intractability results for approximating a generalization of graph coloring.