Sustained space complexity
From MaRDI portal
Publication:1648824
DOI10.1007/978-3-319-78375-8_4zbMATH Open1423.94045arXiv1705.05313OpenAlexW2616005523MaRDI QIDQ1648824FDOQ1648824
Authors: Joël Alwen, Jeremiah Blocki, Krzysztof Pietrzak 
Publication date: 9 July 2018
Abstract: Memory-hard functions (MHF) are functions whose evaluation cost is dominated by memory cost. MHFs are egalitarian, in the sense that evaluating them on dedicated hardware (like FPGAs or ASICs) is not much cheaper than on off-the-shelf hardware (like x86 CPUs). MHFs have interesting cryptographic applications, most notably to password hashing and securing blockchains. Alwen and Serbinenko [STOC'15] define the cumulative memory complexity (cmc) of a function as the sum (over all time-steps) of the amount of memory required to compute the function. They advocate that a good MHF must have high cmc. Unlike previous notions, cmc takes into account that dedicated hardware might exploit amortization and parallelism. Still, cmc has been critizised as insufficient, as it fails to capture possible time-memory trade-offs, as memory cost doesn't scale linearly, functions with the same cmc could still have very different actual hardware cost. In this work we address this problem, and introduce the notion of sustained-memory complexity, which requires that any algorithm evaluating the function must use a large amount of memory for many steps. We construct functions (in the parallel random oracle model) whose sustained-memory complexity is almost optimal: our function can be evaluated using steps and memory, in each step making one query to the (fixed-input length) random oracle, while any algorithm that can make arbitrary many parallel queries to the random oracle, still needs memory for steps. Our main technical contribution is the construction is a family of DAGs on nodes with constant indegree with high "sustained-space complexity", meaning that any parallel black-pebbling strategy requires pebbles for at least steps.
Full work available at URL: https://arxiv.org/abs/1705.05313
Recommendations
- Sustained space and cumulative complexity trade-offs for data-dependent memory-hard functions
- Data-independent memory hard functions: new attacks and stronger constructions
- Efficiently computing data-independent memory-hard functions
- Depth-robust graphs and their cumulative memory complexity
- High Parallel Complexity Graphs and Memory-Hard Functions
Cited In (15)
- Sustained space and cumulative complexity trade-offs for data-dependent memory-hard functions
- Memory-hard puzzles in the standard model with applications to memory-hard functions and resource-bounded locally decodable codes
- Proofs of Catalytic Space
- Parallelizable delegation from LWE
- On the complexity of \textsf{scrypt} and proofs of space in the parallel random oracle model
- Efficiently computing data-independent memory-hard functions
- Depth-robust graphs and their cumulative memory complexity
- Scrypt is maximally memory-hard
- The parallel reversible pebbling game: analyzing the post-quantum security of iMHFs
- Title not available (Why is that?)
- Verifiable capacity-bound functions: a new primitive from Kolmogorov complexity. (Revisiting space-based security in the adaptive setting)
- PURED: a unified framework for resource-hard functions
- SPARKs: succinct parallelizable arguments of knowledge
- Trapdoor memory-hard functions
- Static-memory-hard functions, and modeling the cost of space vs. time
This page was built for publication: Sustained space complexity
Report a bug (only for logged in users!)Click here to report a bug for this page (MaRDI item Q1648824)
