Pseudo-Deterministic Proofs

We introduce pseudo-deterministic interactive proofs (psdAM): interactive proof systems for search problems where the verifier is guaranteed with high probability to output the same output on different executions. As in the case with classical interactive proofs, the verifier is a probabilistic polynomial time algorithm interacting with an untrusted powerful prover. We view pseudo-deterministic interactive proofs as an extension of the study of pseudodeterministic randomized polynomial time algorithms: the goal of the latter is to find canonical solutions to search problems whereas the goal of the former is to prove that a solution to a search problem is canonical to a probabilistic polynomial time verifier. Alternatively, one may think of the powerful prover as aiding the probabilistic polynomial time verifier to find canonical solutions to search problems, with high probability over the randomness of the verifier. The challenge is that pseudo-determinism should hold not only with respect to the randomness, but also with respect to the prover: a malicious prover should not be able to cause the verifier to output a solution other than the unique canonical one. We show the following results: • A natural and illustrative example of a search problem in psdAM is the language where given two isomorphic graphs (G0, G1), the goal is to find an isomorphism φ from G0 to G1. We will show a constant round interactive proof where on every pair of input graphs (G0, G1), the verifier with high probability will output a unique isomorphism φ from G0 to G1, although many isomorphisms may exist. • In contrast, we show that it is unlikely that psdAM proofs with constant rounds exist for NP-complete problems by showing that if any NP-complete problem has an psdAM protocol where the verifier outputs a unique witness with high probability, then the polynomial hierarchy collapses. • We show that for every problem in search-BPP, there exists a pseudo-deterministic MA protocol which succeeds on infinitely many input lengths, where the verifier takes subexponential time. • Finally, we consider non-deterministic log-space NL algorithms with canonical outputs, which we name pseudo-deterministic NL: on every input, for every non-deterministic choice of the algorithm, either the algorithm rejects or it outputs a canonical unique output. We show that every search problem in search-NL (solvable by a nondeterministic log-space algorithm), is in pseudo-deterministic NL. • We show that the class of pseudo-deterministic AM protocols equals the class of problems solvable by polynomial time search algorithms with oracle access to promise-AM∩ coAM, where queries to the oracle must be in the promise. We show similar results for pseudodeterministic NP and pseudo-deterministic MA.