Lecture 24

Probabilistically Checkable Proofs

Theorem MIP=class of languages that can be verified by polynomial time probabilistic verifiers in the RAM model given access to an exponential-length proof.

Proof MIP$$\rightarrow$$Verifier

We can encode strategy of each prover and send it over as the proof. Verifier can use the proof to simulate MIP verification protocol.

• Proof length $$\leq$$ exponential
• Verifier only needs to check one path if the interaction tree so polynomial time.

Verifier$$\rightarrow$$MIP

Key idea 1: If we can ask a prover to fix a possible proof that $$x\in L$$ of exponential length and not modify it midway through the interaction and allow verifier to query bits of the proof, we can design a protocol that shows $$L\in MIP$$.

Does this work?

• When $$x\in L$$, yes. Prover can adhere to the condition, verifier accepts.
• When $$x\not\in L$$, no. If the provers do not follow the promise, we have no guarantees on probabilities that verifier rejects.

Key idea 2: Use prover $$1$$ to query the bits of the proof I need to examine. Use prover $$2$$ to detect if prover $$1$$ failed to stick to the same initial proof.

Details in book.

Definition PCP$$(r(n),q(n))$$ (probabilistically checkable proof) is the class of languages that can be verified by a polynomial-time randomized RAM algorithm that can access a proof of length $$2^{O(r(n))$$ and queries only $$q(n)$$ bits of the proof.

Theorem PCP(poly(n), poly(n))=MIP=NEXP

Corollary NP=PCP(log(n),log(n))

PCP Theorem NP=PCP(log(n),1)

Beyond CS 365

• CS 466: proof of correctness.
• CS 467: challenge the Church-Turing Theorem
• CS 462: Formal Languages and Parsing
• CS 489(?) by Eric