1,210 research outputs found
Quantum Proofs
Quantum information and computation provide a fascinating twist on the notion
of proofs in computational complexity theory. For instance, one may consider a
quantum computational analogue of the complexity class \class{NP}, known as
QMA, in which a quantum state plays the role of a proof (also called a
certificate or witness), and is checked by a polynomial-time quantum
computation. For some problems, the fact that a quantum proof state could be a
superposition over exponentially many classical states appears to offer
computational advantages over classical proof strings. In the interactive proof
system setting, one may consider a verifier and one or more provers that
exchange and process quantum information rather than classical information
during an interaction for a given input string, giving rise to quantum
complexity classes such as QIP, QSZK, and QMIP* that represent natural quantum
analogues of IP, SZK, and MIP. While quantum interactive proof systems inherit
some properties from their classical counterparts, they also possess distinct
and uniquely quantum features that lead to an interesting landscape of
complexity classes based on variants of this model.
In this survey we provide an overview of many of the known results concerning
quantum proofs, computational models based on this concept, and properties of
the complexity classes they define. In particular, we discuss non-interactive
proofs and the complexity class QMA, single-prover quantum interactive proof
systems and the complexity class QIP, statistical zero-knowledge quantum
interactive proof systems and the complexity class \class{QSZK}, and
multiprover interactive proof systems and the complexity classes QMIP, QMIP*,
and MIP*.Comment: Survey published by NOW publisher
Generalized Quantum Arthur-Merlin Games
This paper investigates the role of interaction and coins in public-coin
quantum interactive proof systems (also called quantum Arthur-Merlin games).
While prior works focused on classical public coins even in the quantum
setting, the present work introduces a generalized version of quantum
Arthur-Merlin games where the public coins can be quantum as well: the verifier
can send not only random bits, but also halves of EPR pairs. First, it is
proved that the class of two-turn quantum Arthur-Merlin games with quantum
public coins, denoted qq-QAM in this paper, does not change by adding a
constant number of turns of classical interactions prior to the communications
of the qq-QAM proof systems. This can be viewed as a quantum analogue of the
celebrated collapse theorem for AM due to Babai. To prove this collapse
theorem, this paper provides a natural complete problem for qq-QAM: deciding
whether the output of a given quantum circuit is close to a totally mixed
state. This complete problem is on the very line of the previous studies
investigating the hardness of checking the properties related to quantum
circuits, and is of independent interest. It is further proved that the class
qq-QAM_1 of two-turn quantum-public-coin quantum Arthur-Merlin proof systems
with perfect completeness gives new bounds for standard well-studied classes of
two-turn interactive proof systems. Finally, the collapse theorem above is
extended to comprehensively classify the role of interaction and public coins
in quantum Arthur-Merlin games: it is proved that, for any constant m>1, the
class of problems having an m-turn quantum Arthur-Merlin proof system is either
equal to PSPACE or equal to the class of problems having a two-turn quantum
Arthur-Merlin game of a specific type, which provides a complete set of quantum
analogues of Babai's collapse theorem.Comment: 31 pages + cover page, the proof of Lemma 27 (Lemma 24 in v1) is
corrected, and a new completeness result is adde
Stronger Methods of Making Quantum Interactive Proofs Perfectly Complete
This paper presents stronger methods of achieving perfect completeness in
quantum interactive proofs. First, it is proved that any problem in QMA has a
two-message quantum interactive proof system of perfect completeness with
constant soundness error, where the verifier has only to send a constant number
of halves of EPR pairs. This in particular implies that the class QMA is
necessarily included by the class QIP_1(2) of problems having two-message
quantum interactive proofs of perfect completeness, which gives the first
nontrivial upper bound for QMA in terms of quantum interactive proofs. It is
also proved that any problem having an -message quantum interactive proof
system necessarily has an -message quantum interactive proof system of
perfect completeness. This improves the previous result due to Kitaev and
Watrous, where the resulting system of perfect completeness requires
messages if not using the parallelization result.Comment: 41 pages; v2: soundness parameters improved, correction of a minor
error in Lemma 23, and removal of the sentences claiming that our techniques
are quantumly nonrelativizin
Quantum interactive proofs with short messages
This paper considers three variants of quantum interactive proof systems in
which short (meaning logarithmic-length) messages are exchanged between the
prover and verifier. The first variant is one in which the verifier sends a
short message to the prover, and the prover responds with an ordinary, or
polynomial-length, message; the second variant is one in which any number of
messages can be exchanged, but where the combined length of all the messages is
logarithmic; and the third variant is one in which the verifier sends
polynomially many random bits to the prover, who responds with a short quantum
message. We prove that in all of these cases the short messages can be
eliminated without changing the power of the model, so the first variant has
the expressive power of QMA and the second and third variants have the
expressive power of BQP. These facts are proved through the use of quantum
state tomography, along with the finite quantum de Finetti theorem for the
first variant.Comment: 15 pages, published versio
Rational Proofs with Multiple Provers
Interactive proofs (IP) model a world where a verifier delegates computation
to an untrustworthy prover, verifying the prover's claims before accepting
them. IP protocols have applications in areas such as verifiable computation
outsourcing, computation delegation, cloud computing. In these applications,
the verifier may pay the prover based on the quality of his work. Rational
interactive proofs (RIP), introduced by Azar and Micali (2012), are an
interactive-proof system with payments, in which the prover is rational rather
than untrustworthy---he may lie, but only to increase his payment. Rational
proofs leverage the provers' rationality to obtain simple and efficient
protocols. Azar and Micali show that RIP=IP(=PSAPCE). They leave the question
of whether multiple provers are more powerful than a single prover for rational
and classical proofs as an open problem.
In this paper, we introduce multi-prover rational interactive proofs (MRIP).
Here, a verifier cross-checks the provers' answers with each other and pays
them according to the messages exchanged. The provers are cooperative and
maximize their total expected payment if and only if the verifier learns the
correct answer to the problem. We further refine the model of MRIP to
incorporate utility gap, which is the loss in payment suffered by provers who
mislead the verifier to the wrong answer.
We define the class of MRIP protocols with constant, noticeable and
negligible utility gaps. We give tight characterization for all three MRIP
classes. We show that under standard complexity-theoretic assumptions, MRIP is
more powerful than both RIP and MIP ; and this is true even the utility gap is
required to be constant. Furthermore the full power of each MRIP class can be
achieved using only two provers and three rounds. (A preliminary version of
this paper appeared at ITCS 2016. This is the full version that contains new
results.)Comment: Proceedings of the 2016 ACM Conference on Innovations in Theoretical
Computer Science. ACM, 201
Non-Cooperative Rational Interactive Proofs
Interactive-proof games model the scenario where an honest party interacts with powerful but strategic provers, to elicit from them the correct answer to a computational question. Interactive proofs are increasingly used as a framework to design protocols for computation outsourcing.
Existing interactive-proof games largely fall into two categories: either as games of cooperation such as multi-prover interactive proofs and cooperative rational proofs, where the provers work together as a team; or as games of conflict such as refereed games, where the provers directly compete with each other in a zero-sum game. Neither of these extremes truly capture the strategic nature of service providers in outsourcing applications. How to design and analyze non-cooperative interactive proofs is an important open problem.
In this paper, we introduce a mechanism-design approach to define a multi-prover interactive-proof model in which the provers are rational and non-cooperative - they act to maximize their expected utility given others\u27 strategies. We define a strong notion of backwards induction as our solution concept to analyze the resulting extensive-form game with imperfect information.
We fully characterize the complexity of our proof system under different utility gap guarantees. (At a high level, a utility gap of u means that the protocol is robust against provers that may not care about a utility loss of 1/u.) We show, for example, that the power of non-cooperative rational interactive proofs with a polynomial utility gap is exactly equal to the complexity class P^{NEXP}
Perfect zero knowledge for quantum multiprover interactive proofs
In this work we consider the interplay between multiprover interactive
proofs, quantum entanglement, and zero knowledge proofs - notions that are
central pillars of complexity theory, quantum information and cryptography. In
particular, we study the relationship between the complexity class MIP, the
set of languages decidable by multiprover interactive proofs with quantumly
entangled provers, and the class PZKMIP, which is the set of languages
decidable by MIP protocols that furthermore possess the perfect zero
knowledge property.
Our main result is that the two classes are equal, i.e., MIP
PZKMIP. This result provides a quantum analogue of the celebrated result of
Ben-Or, Goldwasser, Kilian, and Wigderson (STOC 1988) who show that MIP
PZKMIP (in other words, all classical multiprover interactive protocols can be
made zero knowledge). We prove our result by showing that every MIP
protocol can be efficiently transformed into an equivalent zero knowledge
MIP protocol in a manner that preserves the completeness-soundness gap.
Combining our transformation with previous results by Slofstra (Forum of
Mathematics, Pi 2019) and Fitzsimons, Ji, Vidick and Yuen (STOC 2019), we
obtain the corollary that all co-recursively enumerable languages (which
include undecidable problems as well as all decidable problems) have zero
knowledge MIP protocols with vanishing promise gap
Power of Quantum Computation with Few Clean Qubits
This paper investigates the power of polynomial-time quantum computation in
which only a very limited number of qubits are initially clean in the |0>
state, and all the remaining qubits are initially in the totally mixed state.
No initializations of qubits are allowed during the computation, nor
intermediate measurements. The main results of this paper are unexpectedly
strong error-reducible properties of such quantum computations. It is proved
that any problem solvable by a polynomial-time quantum computation with
one-sided bounded error that uses logarithmically many clean qubits can also be
solvable with exponentially small one-sided error using just two clean qubits,
and with polynomially small one-sided error using just one clean qubit. It is
further proved in the case of two-sided bounded error that any problem solvable
by such a computation with a constant gap between completeness and soundness
using logarithmically many clean qubits can also be solvable with exponentially
small two-sided error using just two clean qubits. If only one clean qubit is
available, the problem is again still solvable with exponentially small error
in one of the completeness and soundness and polynomially small error in the
other. As an immediate consequence of the above result for the two-sided-error
case, it follows that the TRACE ESTIMATION problem defined with fixed constant
threshold parameters is complete for the classes of problems solvable by
polynomial-time quantum computations with completeness 2/3 and soundness 1/3
using logarithmically many clean qubits and just one clean qubit. The
techniques used for proving the error-reduction results may be of independent
interest in themselves, and one of the technical tools can also be used to show
the hardness of weak classical simulations of one-clean-qubit computations
(i.e., DQC1 computations).Comment: 44 pages + cover page; the results in Section 8 are overlapping with
the main results in arXiv:1409.677
- …