Memory checking is the task of checking the correctness of a sequence of "store" and "retrieve" operations. The operations are performed in a large unreliable memory. A checker using a much smaller but completely reliable memory tries to decide whether they were executed correctly. M. Blum, W. Evans, P. Gemmel, S. Kannan and M. Naor, has shown in 1991 that the off-line checking of a sequence of memory operations concerning a RAM consisting of n registers can be done, in a probabilistic sense, by a checker using only O(log n) reliable memory and a constant number of RAM operation per each "store" and "retrieve" operations (with log n word length), moreover no unproven cryptographic assumptions are needed in the proof. The probability of error will be polynomially small in n. The solution however requires the checker to store some extra information in the unreliable memory, that is, the checking protocol is invasive. (In this solution the time of each "store" operation must be stored together with the data and must be supplied to the checker at the time of the corresponding retrieve operation.) In this paper we prove that off-line memory checking, in the sense described above, is necessarily invasive, even if we make the problem somewhat easier for the checker to exclude trivial counter-examples. We show that even if the checker is allowed to read a constant number of registers from the large memory after each "store" or "retrieve" instruction, off-line non-invasive memory checking is not possible. Moreover for the case when the invasiveness consists of storing some extra information together with each piece of data and retrieving it together with the data we give a quantitative lower bound on the amount of extra "invasive" information stored in the memory. Namely, if the checker has O(log n) memory and the probability of error is polynomially small than the "invasiveness" of the mentioned method of [5] is optimal upto a constant factor. With other words the total number of extra bits that must be written in the memory is at least εT log T, where T is the number of store and retrieve operations. In the lower bounds we do not restrict the computational power of the checker at all, in fact we only assume that the checker is an n-way branching program with O(log n) bits of memory.
展开▼
机译:内存检查是检查“存储”和“检索”操作序列的正确性的任务。这些操作是在不可靠的大内存中执行的。使用较小但完全可靠的内存的检查器尝试确定它们是否正确执行。 M. Blum,W。Evans,P。Gemmel,S。Kannan和M. Naor在1991年表明,离线检查与 n 寄存器组成的RAM有关的一系列存储操作可以通过概率检查器仅使用 O (log n )可靠的内存并在每个“存储”和“检索”中使用恒定数量的RAM操作来完成操作(具有log n 个字长),此外,在证明中不需要未经证实的密码学假设。错误概率在 n 中将是多项式小。然而,该解决方案要求检查者将一些额外的信息存储在不可靠的存储器中,即,检查协议是侵入性的。 (在这种解决方案中,每个“存储”操作的时间必须与数据一起存储,并且必须在相应的检索操作时提供给检查器。)在本文中,我们证明了离线存储器检查即使我们使问题更容易使检查者排除琐碎的反例,但上述意义一定是具有侵入性的。我们表明即使在每条“存储”或“检索”指令之后,即使允许检查器从大内存中读取恒定数量的寄存器,也无法进行离线非侵入式内存检查。此外,对于侵入性包括将一些额外的信息与每条数据一起存储并与数据一起检索的情况,我们对存储在内存中的额外“侵入性”信息的数量给出了一个定量的下限。即,如果检查器具有O(log n)内存,并且错误概率在多项式上小于[5]中提到的方法的“侵入性”,则该常数最优化。换句话说,必须写入内存的额外位数总数至少为ε T log T ,其中 T 为数字存储和检索操作。在下限中,我们根本不限制检查程序的计算能力,实际上,我们仅假设检查程序是具有 O (log n )位的内存。
展开▼
