Arthur Merlin Proofs Arthur-Merlin proof-systems Arthur: polynomial time verifier 10
Arthur Merlin Proofs Arthur-Merlin proof-systems Arthur: polynomial time verifier 10
Arthur Merlin Proofs Arthur-Merlin proof-systems Arthur: polynomial time verifier Merlin: unbounded prover 10
Arthur Merlin Proofs Arthur-Merlin proof-systems Arthur: polynomial time verifier Merlin: unbounded prover 10
Arthur Merlin Proofs Arthur-Merlin proof-systems Arthur: polynomial time verifier Merlin: unbounded prover Random coins come from a beacon 10
Arthur Merlin Proofs Arthur-Merlin proof-systems Arthur: polynomial time verifier Merlin: unbounded prover Random coins come from a beacon 10
Arthur Merlin Proofs Arthur-Merlin proof-systems Arthur: polynomial time verifier Merlin: unbounded prover Random coins come from a beacon Public coin proof-system 10
Arthur Merlin Proofs Arthur-Merlin proof-systems Arthur: polynomial time verifier Merlin: unbounded prover Random coins come from a beacon Public coin proof-system Arthur sends no messages nor flips any coins 10
Arthur Merlin Proofs Arthur-Merlin proof-systems Arthur: polynomial time verifier Merlin: unbounded prover Random coins come from a beacon Public coin proof-system Arthur sends no messages nor flips any coins 10
Arthur Merlin Proofs Arthur-Merlin proof-systems Arthur: polynomial time verifier Merlin: unbounded prover Random coins come from a beacon Public coin proof-system Arthur sends no messages nor flips any coins 10
Arthur Merlin Proofs Arthur-Merlin proof-systems Arthur: polynomial time verifier Merlin: unbounded prover Random coins come from a beacon Public coin proof-system Arthur sends no messages nor flips any coins 10
Arthur Merlin Proofs Arthur-Merlin proof-systems Arthur: polynomial time verifier Merlin: unbounded prover Random coins come from a beacon Public coin proof-system Arthur sends no messages nor flips any coins 10
Arthur Merlin Proofs Arthur-Merlin proof-systems Arthur: polynomial time verifier Merlin: unbounded prover Random coins come from a beacon Public coin proof-system Arthur sends no messages nor flips any coins 10
MA and AM 11
MA and AM Class of languages with two message Arthur-Merlin protocols 11
MA and AM Class of languages with two message Arthur-Merlin protocols AM (or AM[2]): One message from beacon, followed by one message from Merlin 11
MA and AM Class of languages with two message Arthur-Merlin protocols AM (or AM[2]): One message from beacon, followed by one message from Merlin MA (or MA[2]): One message from Merlin followed by one message from beacon 11
MA and AM Class of languages with two message Arthur-Merlin protocols AM (or AM[2]): One message from beacon, followed by one message from Merlin MA (or MA[2]): One message from Merlin followed by one message from beacon Contain NP and BPP 11
Multiple-message proofs 12
Multiple-message proofs AM[k], MA[k], IP[k]: k(n) messages 12
Multiple-message proofs AM[k], MA[k], IP[k]: k(n) messages Turns out IP[k] ⊆ AM[k+2]! 12
Multiple-message proofs AM[k], MA[k], IP[k]: k(n) messages Turns out IP[k] ⊆ AM[k+2]! Turns out IP[const] = AM[const] = AM[2]! 12
Multiple-message proofs AM[k], MA[k], IP[k]: k(n) messages Turns out IP[k] ⊆ AM[k+2]! Turns out IP[const] = AM[const] = AM[2]! Called AM 12
Multiple-message proofs AM[k], MA[k], IP[k]: k(n) messages Turns out IP[k] ⊆ AM[k+2]! Turns out IP[const] = AM[const] = AM[2]! Called AM Turns out IP[poly] = AM[poly] = PSPACE! 12
Multiple-message proofs AM[k], MA[k], IP[k]: k(n) messages Turns out IP[k] ⊆ AM[k+2]! Turns out IP[const] = AM[const] = AM[2]! Called AM Turns out IP[poly] = AM[poly] = PSPACE! Called IP (= PSPACE) 12
Multiple-message proofs AM[k], MA[k], IP[k]: k(n) messages Turns out IP[k] ⊆ AM[k+2]! Turns out IP[const] = AM[const] = AM[2]! Called AM Turns out IP[poly] = AM[poly] = PSPACE! Called IP (= PSPACE) Later. 12
How can private coins be avoided? 13
How can private coins be avoided? Example: GNI 13
How can private coins be avoided? Example: GNI Recall GNI protocol used private coins 13
How can private coins be avoided? Example: GNI Recall GNI protocol used private coins An alternate view of GNI 13
How can private coins be avoided? Example: GNI Recall GNI protocol used private coins An alternate view of GNI Each of G 0 and G 1 has n! isomorphic graphs 13
Recommend
More recommend
![Interactive Proofs Lecture 18 AM 1 Interactive Proofs 2 Interactive Proofs IP[k] 2](https://c.sambuz.com/697105/interactive-proofs-s.jpg)
