Memory Checking Requires Logarithmic Overhead

Elette Boyle, Ilan Komargodski, Neekon Vafa

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

We study the complexity of memory checkers with computational security and prove the first general tight lower bound. Memory checkers, first introduced over 30 years ago by Blum, Evans, Gemmel, Kannan, and Naor (FOCS '91, Algorithmica '94), allow a user to store and maintain a large memory on a remote and unreliable server by using small trusted local storage. The user can issue instructions to the server and after every instruction, obtain either the correct value or a failure (but not an incorrect answer) with high probability. The main complexity measure of interest is the size of the local storage and the number of queries the memory checker makes upon every logical instruction. The most efficient known construction has query complexity O(logn/loglogn) and local space proportional to a computational security parameter, assuming one-way functions, where n is the logical memory size. Dwork, Naor, Rothblum, and Vaikuntanathan (TCC '09) showed that for a restricted class of "deterministic and non-adaptive"memory checkers, this construction is optimal, up to constant factors. However, going beyond the small class of deterministic and non-adaptive constructions has remained a major open problem. In this work, we fully resolve the complexity of memory checkers by showing that any construction with local space p and query complexity q must satisfy p ≥ n/(logn)O(q). This implies, as a special case, that q≥ ω(logn/loglogn) in any scheme, assuming that p≤ n1-ϵ for ϵ>0. The bound applies to any scheme with computational security, completeness 2/3, and inverse polynomial in n soundness (all of which make our lower bound only stronger). We further extend the lower bound to schemes where the read complexity qr and write complexity qw differ. For instance, we show the tight bound that if qr=O(1) and p≤ n1-ϵ for ϵ>0, then qw≥ nω(1). This is the first lower bound, for any non-trivial class of constructions, showing a read-write query complexity trade-off. Our proof is via a delicate compression argument showing that a "too good to be true"memory checker can be used to compress random bits of information. We draw inspiration from tools recently developed for lower bounds for relaxed locally decodable codes. However, our proof itself significantly departs from these works, necessitated by the differences between settings.

Original languageEnglish
Title of host publicationSTOC 2024 - Proceedings of the 56th Annual ACM Symposium on Theory of Computing
EditorsBojan Mohar, Igor Shinkar, Ryan O�Donnell
PublisherAssociation for Computing Machinery
Pages1712-1723
Number of pages12
ISBN (Electronic)9798400703836
DOIs
StatePublished - 10 Jun 2024
Event56th Annual ACM Symposium on Theory of Computing, STOC 2024 - Vancouver, Canada
Duration: 24 Jun 202428 Jun 2024

Publication series

NameProceedings of the Annual ACM Symposium on Theory of Computing
ISSN (Print)0737-8017

Conference

Conference56th Annual ACM Symposium on Theory of Computing, STOC 2024
Country/TerritoryCanada
CityVancouver
Period24/06/2428/06/24

Bibliographical note

Publisher Copyright:
© 2024 Owner/Author.

Keywords

  • Computational Security
  • Lower Bound
  • Memory Checking

Fingerprint

Dive into the research topics of 'Memory Checking Requires Logarithmic Overhead'. Together they form a unique fingerprint.

Cite this