Turing Award to the Institute’s Prof. Shafi Goldwasser

Prof. Shafi Goldwasser, who is at both the Weizmann Institute and MIT, will receive the 2012 A.M. Turing Award, together with Prof. Silvio Micali of MIT. Goldwasser is only the third woman to receive the Award since its inception in 1966, and she is the third faculty member of the Weizmann Institute to receive what is considered to be the “Nobel Prize in computing.”


Goldwasser and Micali’s work in the 1980s laid the foundations of modern cryptography – the science that, among other things, keeps your electronic transactions secure.

The basis of their work is a series of riffs on the concepts of probability and proof. For example, in their seminal “zero-knowledge interactive proofs” paper, they changed, forever, the paradigm of a mathematical proof that must be written down, step-by-step, page after page. Instead, they suggested that a proof can come out of a conversation between two parties – a “prover” and a “verifier.”

Laszlo Lovasz describes it thus:

It sounds paradoxical, but there is a scheme which allows the customer to convince the bank that he knows the password – without giving the slightest hint as to what the password is! ….The most interesting aspect of this scheme is that it extends the notion of a proof, thought (at least in classical mathematics) to be well established for more than 2000 years. In the classical sense, a proof is written down entirely by the author (whom we call the Prover), and then it is verified by the reader (whom we call the Verifier). Here, there is interaction between the Prover and the Verifier: The action taken by the Prover depends on the “questions” of the Verifier.

In other words, by asking a series of questions, each one randomly based on the answer to the previous question, the verifier can ascertain whether the prover has the mathematical proof -- without actually learning anything about the proof, itself. Obviously, using a method like this can keep your password from being stolen, but it can also be used by people working together online who want to jointly compute functions without giving away their data.

In fact, Goldwasser and Micali’s work has major implications for the entire field of mathematics known as complexity theory. Lovasz imagines using the method to referee an “exponentially long paper”:

There is a way to write down a proof so that a referee can check the correctness of a theorem by reading only a tiny fraction of it. The proof becomes longer than necessary, but not much longer. The number of characters the referee has to read is only around the logarithm of the original proof length!

Just as important, says Goldwasser, you can use such methods to establish that a mathematical statement is not correct, by proving "non existence" of classical proofs.


More like this

Is it possible to perform operations on encrypted data, while keeping it secure from all prying eyes (or circuits), even if that data is stored remotely, in the "cloud?" Will our end result still be encrypted, and when we decode it with our private decryption key, will our result be correct? To put…
A half day at QIP. The reason I'm having a hard time keeping away this morning: Avinatan Hassidim, "Multi-prover interactive proofs with communicating provers" Paper arXiv:0806.3982. Avinatan described work he performed with Michael Ben-Or and Haran Pilpel on multiprover interactive proofs in…
Today on the arXiv an new paper appeared of great significance to quantum computational complexity: arXiv:0907.4737 (vote for it on scirate here)Title: QIP = PSPACE Authors: Rahul Jain, Zhengfeng Ji, Sarvagya Upadhyay, John Watrous We prove that the complexity class QIP, which consists of all…
The new issue of the Notices of the American Mathematical Society turned up in my mailbox today. It features an interesting, if slightly disturbing, editorial (PDF format) by CUNY mathematician Melvyn Nathanson. He wonders about how confident we can really be regarding the proofs that appear in…