sign in sign up
<<
Home , Charles Rackoff, Lance Fortnow, Shlomo Moran

Appendix A

Appendix

A.1 Probability theory

A random variable is a mapping from a probability space to R.Togivean example, the probability space could be that of all 2n possible outcomes of n tosses of a fair coin, and Xi is the random variable that is 1 if the ith toss is a head, and is 0 otherwise. An event is a subset of the probability space. The following simple bound —called the union bound—is often used in the book. For every set of events B1,B2,...,Bk,

k ∪k ≤ Pr[ i=1Bi] Pr[Bi]. (A.1) i=1

A.1.1 The averaging argument We list various versions of the “averaging argument.” Sometimes we give two versions of the same result, one as a fact about numbers and one as a fact about probability spaces. Lemma A.1

If a1,a2,...,an are some numbers whose average is c then some ai ≥ c. Lemma A.2 (“The Probabilistic Method”) If X is a random variable which takes values from a finite set and E[X]=μ then the event “X ≥ μ” has nonzero probability. Corollary A.3 If Y is a real-valued function of two random variables x, y then there is a choice c for y such that E[Y (x, c)] ≥ E[Y (x, y)].

403

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- 404 APPENDIX A. APPENDIX

Lemma A.4

If a1,a2,...,an ≥ 0 are numbers whose average is c then the fraction of ai’s that are greater than (resp., at least) kc is less than (resp, at most) 1/k. Lemma A.5 (“Markov’s inequality”) Any non-negative random variable X satisfies 1 Pr (X ≥ kE[X]) ≤ . k Corollary A.6 ∈ − If a1√,a2,...,an [0, 1] are numbers whose√ average is 1 γ then at least 1 − γ fraction of them are at least 1 − γ.

Can we give any meaningful upperbound on Pr[X

If a1,a2,...,an are numbers in the interval [0, 1] whose average is ρ then at least ρ/2 of the ai’s are at least as large as ρ/2.

Proof: Let γ be the fraction of i’s such that ai ≥ ρ/2. Then γ +(1− γ)ρ/2 must be at least ρ/2, so γ ≥ ρ/2. 2 More generally, we have Lemma A.8 If X ∈ [0, 1] and E[X]=μ then for any c<1 we have 1 − μ Pr[X ≤ cμ] ≤ . 1 − cμ

Example A.1 Suppose you took a lot of exams, each scored from 1 to 100. If your average score was 90 then in at least half the exams you scored at least 80.

A.1.2 Deviation upperbounds Under various conditions, one can give upperbounds on the probability of an event. These upperbounds are usually derived by clever use of Markov’s inequality. The first bound is Chebyshev’s inequality, useful when only the variance is known.

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- A.1. PROBABILITY THEORY 405

Lemma A.9 (Chebyshev inequality) If X is a random variable and E[X]=μ and E[(X − μ)2]=σ2 then Pr[|X − μ| >kσ] ≤ 1/k2. Proof: Apply Markov’s inequality to the random variable (X −μ)2,noting that by definition of variance, E[(X − μ)2]=σ2. 2 The next inequality has many names, and is widely known in theoretical as Chernoff bounds. It considers scenarios of the following type. Suppose we toss a fair coin n times. The expected number of heads is n/2. How tightly is this number concentrated? Should we be very surprised if after 1000 tosses we have 625 heads? The bound we present is more general, and concerns n different coin tosses of possibly different biases (the bias is the probability of obtaining “heads”; for a fair coin this is 1/2). A sequence of {0, 1} random variables is Poisson, as against Bernoulli, if the expected values can vary between trials. Theorem A.10 (“Chernoff” bounds) Let X1,X2,...,Xn be independent Poisson trials and let pi = E[Xi],where n n 0

where the last equality holds because the Xi r.v.s are independent. Now, t E[exp(tXi)] = (1 − pi)+pie , therefore,    t t E[exp(tXi)] = [1 + pi(e − 1)] ≤ exp(pi(e − 1)) i i i  t t =exp( pi(e − 1)) = exp(μ(e − 1)), i (A.5)

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- 406 APPENDIX A. APPENDIX

as 1 + x ≤ ex. Finally, apply Markov’s inequality to the random variable exp(tX), viz.

E[exp(tX)] exp((et − 1)μ) Pr[X ≥ (1+δ)μ]=Pr[exp(tX) ≥ exp(t(1+δ)μ)] ≤ = , exp(t(1 + δ)μ) exp(t(1 + δ)μ)

using lines (A.4) and (A.5) and the fact that t is positive. Since t is a dummy variable, we can choose any positive value we like for it. Simple calculus shows that the right hand side is minimized for t =ln(1+δ)and this leads to the theorem statement. 2

By the way, if all n coin tosses are fair (Heads has probability√ 1/2) then the the probability of seeing N heads where |N − n/2| >a n is at most e−a2/2. The chance of seeing at least 625 heads in 1000 tosses of an unbiased coin is less than 5.3 × 10−7.

A.1.3 Sampling methods Typically, to take n independent samples the amount of random bits required increases linearly with n. At a few places in the book we encounter pairwise independent sampling. This is very frugal with its use of random bits, since it allows n samples to be taken using 2 log n random bits. The downside is that one can only use Chebyshev’s inequality for deviation bounds, not Chernoff bounds.

Definition A.1 Random variables x1,...,xm are pairwise independent if

∀i, j ∀a, b Pr[xi = a, xj = b]=Pr[xi = a]Pr[xj = b]. (A.6)

Pairwise independent random variables are useful because of the Chebyshev inequality. Suppose that x1,...,xm are pairwise independent with E(xi)= 2 μ, Var(xi)=σ .Thenwehave     2 − 2 2 − 2 Var( xi)=E[( xi) ] E[ xi] = (E[xi ] E[xi] ), i i i  where we have used pairwise independence in the last step.√ Thus Var( xi)= 2 2 mσ . By the Chebyshev inequality, Pr[| xi − mμ| >k mσ] ≤ 1/k .So, the sum of the variables is somewhat concentrated about the mean. This is in contrast with the case of complete independence, when Chernoff bounds would give an exponentially stronger concentration result (the 1/k2 would be replaced by exp(Θ(−k2))).

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- A.2. POLYNOMIALS 407

Example A.2 In Zp,choosea and b randomly and independently. Then the random variables a + b, a +2b,...,a+(p − 1)b are pairwise independent. Indeed, for any t, s, j = k ∈ Zp, Pr[a + jb = t]=1/p,andPr[a + jb = t, a + kb = s]=1/p2, because this linear system is satisfied by exactly one (a, b)-pair out of p2.

Example A.3 Let m =2k − 1. The set [1 ...m]isin1− 1 correspondence with the set 2[1...k] \∅. We will construct m random variables corresponding to all nonempty subsets of [1 ...k]. Pick uniformly at random k binary ⊂ strings t1,...,tk of length n and set YS = i∈S ti (mod 2), where S  ∅  [1 ...k], S = . For any S1 = S2, the random variables YS1 and YS2 are independent, because one can always find an i such that i ∈ S2 \ S1,so

the difference between YS1 and YS2 is always a sum of several uniformly distributed random vectors, which is a uniformly distributed random vector

itself. That is, even if we fix the value of YS1 , we still have to toss a coin for

each position in YS2 ,and 1 Pr[Y = s, Y = t]=Pr[Y ⊕ Y = t ⊕ s|Y = s]= . S1 S2 S1 S2 S1 22n

A.1.4 The random subsum principle

The following fact is used often in the book. Let a1,a2,...,ak be elements of a finite field GF (q). We do not know the elements, but we are told that at least one of them is nonzero. Now we pick a subset S of {1, 2,...,k}  uniformly at random. Then the probability that i∈S ai = 0 is at least 1/2. Here is the reason. Suppose that aj is nonzero. Then we can think of S as having been picked as follows. First we pick a random subset S of {1, 2,...,k}\{j} and then we toss a fair coin to decide whether or not to   add j to it. If i∈S ai = 0 then with probability 1/2 S = S ,inwhichcase   ∪{ } i∈S ai =0.If i∈S ai = 0 then with probability 1/2 S = S j ,in  which case i∈S ai =0.

A.2 Polynomials

We list some basic facts about univariate polynomials.

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- 408 APPENDIX A. APPENDIX

Theorem A.11 A nonzero polynomial of degree d has at most d distinct roots.  Proof: d i Suppose p(x)= i=0 cix has d +1distinctrootsα1,...,αd+1 in some field F .Then d i · αj ci = p(αj)=0, i=0 for j =1,...,d+ 1. This means that the system Ay = 0 with ⎛ ⎞ 2 d 1 α1 α1 ... α1 ⎜1 α α2 ... αd ⎟ A = ⎜ 2 2 2 ⎟ ⎝...... ⎠ 2 d 1 αd+1 αd+1 ... αd+1

has a solution y = c.ThematrixA is a Vandermonde matrix, hence  det A = (αi − αj), i>j

which is nonzero for distinct αi. Hence rankA = d + 1. The system Ay = 0 has therefore only a trivial solution — a contradiction to c = 0. 2

Theorem A.12

For any set of pairs (a1,b1),...,(ad+1,bd+1) there exists a unique polynomial g(x) of degree at most d such that g(ai)=bi for all i =1, 2,...,d+1.

Proof: The requirements are satisfied by Lagrange Interpolating Polyno- mial:  d+1  (x − aj) b ·  j=i . i (a − a ) i=1 j= i i j

If two polynomials g1(x),g2(x) satisfy the requirements then their difference p(x)=g1(x) − g2(x)isofdegreeatmostd, and is zero for x = a1,...,ad+1. Thus, from the previous theorem, polynomial p(x) must be zero and poly- nomials g1(x),g2(x)identical.2 The following elementary result is usually attributed to Schwartz and Zippel in the computer science community, though it was certainly known earlier (see e.g. DeMillo and Lipton).

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- A.2. POLYNOMIALS 409

Theorem A.13 (Schwartz-Zippel)

If a polynomial p(x1,x2,...,xm) over F = GF (q) is nonzero and has total degree at most d,then d Pr[p(a ..a ) =0] ≥ 1 − , 1 m q

where the probability is over all choices of a1..am ∈ F . Proof: We use induction on m.Ifm = 1 the statement follows from Theorem A.11. Suppose the statement is true when the number of variables is at most m − 1. Then p can be written as d i p(x1,x2,...,xm)= x1pi(x2,...,xm), i=0

where pi has total degree at most d − i.Sincep is nonzero, at least one of pi is nonzero. Let k be the largest i such that pi is nonzero. Then by the inductive hypothesis, d − k Pr [pi(a2,a3,...,am) =0] ≥ 1 − . a2,a3,...,am q

Whenever pi(a2,a3,...,am) =0, p(x1,a2,a3,...,am) is a nonzero uni- variate polynomial of degree k, and hence becomes 0 only for at most k values of x1. Hence k d − k d Pr[p(a ..a ) =0] ≥ (1 − )(1 − ) ≥ 1 − , 1 m q q q and the induction is completed. 2

A.2.1 Representing data by multivariate polynomials Lemma A.14 (Polynomial extension lemma)

For some integer h let H = {u0,u1, ··· ,uh} be a subset of h +1elements from GF (q). For each function f : Hm → F there exists a polynomial fˆ(x1,x2, ··· ,xm) whose degree in each xi is h and which satisfies fˆ(v)=f(v) for all v ∈ Hm. This polynomial can be computed in time poly(hm).

Proof: The requirements are satisfied by the Lagrange interpolating poly- nomial:  − ˆ ··· m Πj= ixi uj f(x1,x2, ,xm)= f(u)Πi=1 (A.7) Π  ui − uj u∈Hm j=i 2

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- 410 APPENDIX A. APPENDIX

A.3 Eigenvalues and expanders

An eigenvalue of an n × n symmetric real matrix M is a real number λ such that there exists a vector x ∈$n such that M · x = λx.Itisknownthat for every such matrix there are n eigenvalues λ1 ≥ λ2 ≥ ··· ≥ λn and n n corresponding eigenvectors u1,u2,...,un ∈$ that form an orthonormal n basis of $ .TheCourant Fisher theorem characterizes λ1 as xT Mx λ1 =min (A.8) x∈n |x|2

and more generally λi as xT Mx λi =min (A.9) ∈ 2 x Li−1 |x|

where Li−1 is the space of vectors orthogonal to u1,u2,...,ui−1. The adjacency matrix of an n-node undirected graph G =(V,E)isan n × n matrix AG whose (i, j)entryis1if{i, j} is an edge and 0 otherwise. In a few places in the book we are interested in constant degree ex- panders, and these have more than one definition. (The definitions are related.) We define them using eigenvalues. We recall that for a d-regular graph, the largest eigenvalue of the adjacency matrix is d. Definition A.2 (Expander family) If λ

An explicit construction of a (5,λ)-expander family is known for some λ<5 (Margulis, simplified in Gabber-Galil). For every positive integer n, the family contains a graph vertex-set has size close to n.Inthiscontext, “explicit construction” means that there exists a polynomial-time machine that, given any vertex number i, gives the 5 neighbors of i. (Note that the running time is polynomial in the representation of i,inotherwords, poly(log i).) An explicit construction of expanders (for some constant d) also follows from the algorithm in Section 18.6. Let G be any (d, λ)-expander on n nodes, with adjacency matrix A.Let M be the Markov chain defined by G (that is, M is a n × n matrix such that in entry (i, j) there is the transition probability from node i to node j), 1 hence M = d A. Thus the largest eigenvalue is 1 and every other eigenvalue λi satisfies |λi|≤λ/5.

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- A.3. EIGENVALUES AND EXPANDERS 411

1 Then M is ergodic, and the stationary distribution is n 1. Let X be some distribution on the vertices of G.ThenX can be written as: 1 n X = 1+ α e n i i i=2

Where the ei’s are the eigenvectors of M; they form an orthogonal basis 1 since M is symmetric. The coefficient of the first eigenvector is n is because 1  1 = Pr[X = a]=. (1( n 2 a Therefore, after a random walk of length t, the resulting distribution on the vertices is: 6 7 1 n M tX = M t−1(MX)=M t−1 1+ α λ e n i i i i=2 1 n = ...= 1+ α λte n i i i i=2 Hence 1 1 (M tX − 1( ≤ ( λ )t(X − 1( n 1 5 n 1 1 √ ≤ ( λ )t(X − 1( n. (A.10) 5 n 2 In particular, since λ/5 < 1 is some constant independent of n,wesee that for some large enough constant c,takingt = c log n steps is enough to make the distance of M tX from the uniform distribution less than 1/n, regardless of X. To give an example, if the random walk starts from a fixed vertex (X is a vector which has one coordinate 1 and the rest 0) then a random walk of length O(log n) is enough to erase almost all “memory” of the starting vertex.

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- 412 APPENDIX A. APPENDIX

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- Bibliography

[AA02] M.Vyalyi A.Kitaev and A.Shen. Classical and Quantum compu- tation. AMS Press, 2002. [AD97] M. Ajtai and C. Dwork. A public-key cryptosystem with worst- case/average-case equivalence. In Proceedings of the 29th An- nual ACM Symposium on the Theory of Computing (STOC ’97), pages 284–293, New York, 1997. Association for Computing Ma- chinery. [Adl78] Leonard Adleman. Two theorems on random polynomial time. In 19th Annual Symposium on Foundations of Computer Sci- ence, pages 75–83, Ann Arbor, Michigan, 1978. IEEE. [AG94] Eric Allender and Vivek Gore. A uniform circuit lower bound for the permanent. SIAM Journal on Computing, 23(5):1026–1049, October 1994.

1 [Ajt83] M. Ajtai. Σ1-formulae on finite structures. Annals of Pure and Applied Logic, 24:1–48, 1983. [Ajt96] M. Ajtai. Generating hard instances of lattice problems (ex- tended abstract). In Proceedings of the Twenty-Eighth Annual ACM Symposium on the Theory of Computing, pages 99–108, Philadelphia, Pennsylvania, 1996. [AKL+79] Romas Aleliunas, Richard M. Karp, Lipton Lipton, Laszlo Lov´asz, and Charles Rackoff. Random walks, universal traver- sal sequences, and the complexity of maze problems. In 20th Annual Symposium on Foundations of Computer Science, pages 218–223, San Juan, Puerto Rico, 29–31 October 1979. IEEE. [AKS87] M. Ajtai, J. Komlos, and E. Szemeredi. Deterministic simulation in LOGSPACE. In ACM, editor, Proceedings of the nineteenth

413

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- 414 BIBLIOGRAPHY

annual ACM Symposium on Theory of Computing, New York City, May 25–27, 1987, pages 132–140, New York, NY, USA, 1987. ACM Press.

[ALM+98] , , , , and . Proof verification and the hardness of ap- proximation problems. Journal of the ACM, 45(3):501–555, May 1998. Prelim version IEEE FOCS 1992.

[AS98] Sanjeev Arora and . Probabilistic checking of proofs: A new characterization of NP. Journal of the ACM, 45(1):70–122, January 1998. Prelim version IEEE FOCS 1982.

[AUY83] A.V. Aho, J.D. Ullman, and M. Yannakakis. On notions of infor- mation transfer in VLSI circuits. In Proceedings of the Fifteenth Annual ACM Symposium on Theory of Computing, pages 133– 139, 25–27 April 1983.

[Bab90] L´aszl´o Babai. E-mail and the unexpected power of interaction. In Proceedings, Fifth Annual Structure in Complexity Theory Con- ference, pages 30–44, Barcelona, Spain, 8–11 July 1990. IEEE Computer Society Press.

[Bar02] Boaz Barak. A probabilistic-time hierarchy theorem for “Slightly Non-uniform” algorithms. Lecture Notes in Computer Science, 2483:194–??, 2002.

[BBR94] David A. Mix Barrington, Richard Beigel, and Rudich Rudich. Representing Boolean functions as polynomials modulo compos- ite numbers. Computational Complexity, 4(4):367–382, 1994. Prelim. version in ACM STOC 1992.

[BdW02] H. Buhrman and R. de Wolf. Complexity measures and deci- sion tree complexity: A survey. Theoretical Computer Science, 288:21–43, 2002.

[Bec91] J. Beck. An algorithmic approach to the lov`asz local lemma. Random Structures and Algorithms, 2(4):367–378, 1991.

[Bei93] Richard Beigel. The polynomial method in circuit complexity. In Proceedings of the Eighth Annual Structure in Complexity The- ory Conference, pages 82–95, San Diego, California, 18–21 May 1993. IEEE Computer Society Press.

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- BIBLIOGRAPHY 415

[BF90] Donald Beaver and Joan Feigenbaum. Hiding instances in multi- oracle queries. In 7th Annual Symposium on Theoretical Aspects of Computer Science, volume 415 of lncs, pages 37–48, Rouen, France, 22–24 February 1990. Springer.

[BFL91] L´aszl´o Babai, Lance Fortnow, and Lund Lund. Non- deterministic exponential time has two-prover interactive pro- tocols. Computational Complexity, 1:3–40, 1991.

[BFNW93] L´aszl´o Babai, Lance Fortnow, , and . BPP has subexponential time simulations unless EXPTIME has publishable proofs. Computational Complexity, 3(4):307–318, 1993.

[BGS75] Theodore Baker, John Gill, and Robert Solovay. Relativiza- tions of the P =? NP question. SIAM Journal on Computing, 4(4):431–442, December 1975.

[BK95] M. Blum and S. Kannan. Designing programs that check their work. Journal of the ACM, 42(1):269–291, January 1995.

[Blu67] M. Blum. A machine-independent theory of the complexity of recursive functions. JACM: Journal of the ACM, 14, 1967.

[Blu82] M. Blum. Coin flipping by telephone. In Proc. 1982 IEEE COM- PCON, High Technology in the Information Age, pages 133–137, 1982. See also SIGACT News, Vol 15, No. 1, 1983.

[Blu84] M. Blum. Independent unbiased coin flips from a correlated biased source: a finite state Markov chain. In 25th Annual Sym- posium on Foundations of Computer Science, pages 425–433. IEEE, 24–26 October 1984.

[BM84] M. Blum and S. Micali. How to generate cryptographically strong sequences of pseudo-random bits. SIAM Journal on Com- puting, 13(4):850–864, Nov 1984.

[BM88] L´aszl´o Babai and . Arthur-Merlin games: A ran- domized proof system, and a hierarchy of complexity classes. Journal of Computer and System Sciences, 36(2):254–276, April 1988.

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- 416 BIBLIOGRAPHY

[BNS] L. Babai, N. Nisan, and M. Szegedy. Multiparty protocols, pseudorandom generators for logspace, and time-space trade- offs.

[BS90] R.B. Boppana and M. Sipser. The complexity of finite func- tions. In Handbook of Theoretical Computer Science, Ed. Jan van Leeuwen, Elsevier and MIT Press (Volume A (= “1”): Al- gorithms and Complexity), volume 1. 1990.

[BS96] Eric Bach and Jeffrey Shallit. Algorithmic Number Theory — Efficient Algorithms, volume I. MIT Press, Cambridge, USA, 1996.

[BT94] Richard Beigel and Jun Tarui. On ACC. Computational Com- plexity, 4(4):350–366, 1994. Prelim version in IEEE FOCS 1991.

[BV97] E. Bernstein and U. Vazirani. Quantum complexity theory. SIAM Journal on Computing, 26(5):1411–1473, October 1997. Prelim version in STOC 1993.

[Cob64] A. Cobham. The intrinsic computational difficulty of functions. In Yehoshua Bar-Hillel, editor, Proceedings of the 1964 Interna- tional Congress for Logic, Methodology, and Philosophy of Sci- ence, pages 24–30. Elsevier/North-Holland, 1964.

[Coo71] S. A. Cook. The complexity of theorem proving procedures. In Proc. 3rd Ann. ACM Symp. Theory of Computing, pages 151– 158, NY, 1971. ACM.

[Coo73] Stephen A. Cook. A hierarchy for nondeterministic time com- plexity. Journal of Computer and System Sciences, 7(4):343–353, August 1973.

[CW89] Aviad Cohen and Avi Wigderson. Dispersers, deterministic am- plification, and weak random sources (extended abstract). In 30th Annual Symposium on Foundations of Computer Science, pages 14–19, 30 October–1 November 1989.

[Deu85] D. Deutsch. Quantum theory, the Church-Turing principle and the universal quantum computer. Proceedings of the Royal So- ciety of London Ser. A, A400:97–117, 1985.

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- BIBLIOGRAPHY 417

[DH76] W. Diffie and M. E. Hellman. New directions in . IEEE Transactions on Information Theory, 22(5):644–654, No- vember 1976.

[DJ92] D. Deutsch and R. Jozsa. Rapid solution of problems by quan- tum computation. Proc Roy Soc Lond A, 439:553–558, October 1992.

[DK00] D.Z. Du and K. I. Ko. Theory of Computational Complexity. Wiley, 2000.

[Fei95] . A tight upper bound on the cover time for random walks on graphs. Random Structures & Algorithms, 6:51–54, 1995.

[Fey82] R. Feynman. Simulating physics with computers. International Journal of Theoretical Physics, 21(6&7):467–488, 1982.

[FSS84] M. Furst, J. Saxe, and M. Sipser. Parity, circuits, and the poly- nomial time hierarchy. Mathematical Systems Theory, 17:13–27, 1984. Prelim version in IEEE FOCS 1981.

[GG00] O. Goldreich and S. Goldwasser. On the limits of nonapprox- imability of lattice problems. JCSS: Journal of Computer and System Sciences, 60, 2000.

[GGM86] O. Goldreich, S. Goldwasser, and S. Micali. How to construct random functions. Journal of the ACM, 33(4):792–807, October 1986. Prelim. version in IEEE FOCS 1984.

[Gil74] John T. Gill. Computational complexity of probabilistic Turing machines. In ACM, editor, Conference record of sixth annual ACM Symposium on Theory of Computing: papers presented at the symposium, Seattle, Washington, April 30–May 2, 1974, pages 91–95, New York, NY, USA, 1974. ACM Press.

[Gil77] John Gill. Computational complexity of probabilistic Turing ma- chines. SIAM Journal on Computing, 6(4):675–695, December 1977.

[GM84] Shafi Goldwasser and . Probabilistic encryption. Journal of Computer and System Sciences, 28(2):270–299, April 1984.

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- 418 BIBLIOGRAPHY

[GMR89] S. Goldwasser, S. Micali, and C. Rackoff. The knowledge com- plexity of interactive proof systems. SIAM Journal on Com- puting, 18(1):186–208, February 1989. Prelim version in ACM STOC 1985.

[GMW87] O. Goldreich, S. Micali, and A. Wigderson. How to play any mental game — A completeness theorem for protocols with hon- est majority. In ACM, editor, Proceedings of the nineteenth an- nual ACM Symposium on Theory of Computing, New York City, May 25–27, 1987, pages 218–229, New York, 1987. ACM Press.

[Gol04] Oded Goldreich. Foundations of Cryptography, Volumes 1 and 2. Cambridge University Press, 2001,2004.

[GS87] S. Goldwasser and M. Sipser. Private coins versus public coins in interactive proof systems. In S. Micali, editor, Randomness and Computation. JAI Press, Greenwich, CT, 1987. Extended Abstract in Proc. 18th ACM Symp. on Theory of Computing, 1986.

[H01]˙ J. H˙astad. Some optimal inapproximability results. Journal of the ACM, 48(4):798–859, 2001. Prelim version ACM STOC 1997.

[Has86] Johan Hastad. Almost optimal lower bounds for small depth circuits. In Proceedings of the Eighteenth Annual ACM Sympo- sium on Theory of Computing, pages 6–20, Berkeley, California, 28–30 May 1986.

[HILL99] Johan H˚astad, Russell Impagliazzo, Levin Levin, and . A pseudorandom generator from any one-way function. SIAM Journal on Computing, 28(4):1364–1396, August 1999.

[HMU01] J. E. Hopcroft, R. Motwani, and J. D. Ullman. “Introduction to Automata Theory, Language, and Computation”. Addison– Wesley, 2nd edition edition, 2001.

[HS65] J. Hartmanis and R. E. Stearns. On the computational complex- ity of algorithms. Transactions of the American Mathematical Society, 117:285–306, 1965.

[HVV04] Alexander Healy, , and Emanuele Viola. Using non- determinism to amplify hardness. In Proceedings of the thirty-

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- BIBLIOGRAPHY 419

sixth annual ACM Symposium on Theory of Computing (STOC- 04), pages 192–201, New York, June 13–15 2004. ACM Press.

[ILL89] Russell Impagliazzo, Leonid A. Levin, and Luby Luby. Pseudo- random generation from one-way functions. In Proceedings of the 21st Annual Symposium on Theory of Computing (STOC ’89), pages 12–24, New York, May 1989. ACM Association for Computing Machinery.

[INW94] Russell Impagliazzo, Noam Nisan, and Avi Wigderson. Pseudo- randomness for network algorithms. In Proceedings of the Twenty-Sixth Annual ACM Symposium on the Theory of Com- puting, pages 356–364, 23–25 May 1994.

[IW01] Russell Impagliazzo and Avi Wigderson. Randomness vs time: Derandomization under a uniform assumption. JCSS: Journal of Computer and System Sciences, 63, 2001. Prelim. version in IEEE FOCS 1998.

[Kan82] R. Kannan. Circuit-size lower bounds and non-reducibility to sparse sets. Information and Control, 55(1–3):40–56, 1982. Pre- lim version in IEEE FOCS 1981.

[Kar72] R. M. Karp. Reducibility among combinatorial problems. In R. E. Miller and J. W. Thatcher, editors, Complexity of Com- puter Computations, pages 85–103. Plenum, New York, 1972.

[KI03] Valentine Kabanets and Russell Impagliazzo. Derandomizing polynomial identity tests means proving circuit lower bounds. In ACM, editor, Proceedings of the Thirty-Fifth ACM Sympo- sium on Theory of Computing, San Diego, CA, USA, June 9–11, 2003, pages 355–364, New York, NY, USA, 2003. ACM Press.

[KL82] R. Karp and R. Lipton. Turing machines that take advice. L’ Ensignement Math´ematique, 28:191–210, 1982.

[KN97] E. Kushilevitz and N. Nisan. Communication Complexity.Cam- bridge University Press, 1997.

[KRW95] Mauricio Karchmer, Ran Raz, and Avi Wigderson. Super- logarithmic depth lower bounds via the direct sum in communi- cation complexity. Computational Complexity, 5(3/4):191–204, 1995.

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- 420 BIBLIOGRAPHY

[KUW86] R.M. Karp, E. Upfal, and A. Wigderson. Constructing a perfect matching is in random NC. COMBINAT: Combinatorica, 6:35– 48, 1986.

[KV94] M. Kearns and L. Valiant. Cryptographic limitations on learning Boolean formulae and finite automata. J. ACM, 41(1):67–95, 1994. Prelim. version in 21th STOC, 1989.

[KVVY93] R. Kannan, H. Venkateswaran, V. Vinay, and A. C. Yao. A circuit-based proof of Toda’s theorem. Information and Compu- tation, 104(2):271–276, 1993.

[KW90] Mauricio Karchmer and Avi Wigderson. Monotone circuits for connectivity require super-logarithmic depth. SIAM Journal on Discrete Mathematics, 3(2):255–265, May 1990. Prelim version in ACM STOC 1988.

[Lei92] F. Thomson Leighton. Introduction to Parallel Algorithms and Architectures: Arrays • Trees • Hypercubes. Morgan Kaufmann, 1992.

[Lev] L. Levin. The tale of one-way functions (english translation). Problemy Peredachi Informatsii, 39(1).

[Lev73] L. Levin. Universal sequential search problems. PINFTRANS: Problems of Information Transmission (translated from Prob- lemy Peredachi Informatsii (Russian)), 9, 1973.

[LFK92] C. Lund, L. Fortnow, and H. Karloff. Algebraic methods for interactive proof systems. Journal of the ACM, 39(4):859–868, October 1992.

[Lip90] Richard J. Lipton. Efficient checking of computations. In 7th Annual Symposium on Theoretical Aspects of Computer Science, volume 415 of lncs, pages 207–215, Rouen, France, 22–24 Feb- ruary 1990. Springer.

[Lip91] R. J. Lipton. New directions in testing. In Distributed Comput- ing and Cryptography, volume 2 of DIMACS Series in Discrete Mathematics and Theoretical Computer Science, pages 191–202. American Mathematics Society, 1991.

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- BIBLIOGRAPHY 421

[LLKS85] E.L.Lawler,J.K.Lenstra,A.H.G.RinnooyKan,andD.B. Shmoys, editors. The Traveling Salesman Problem. John Wiley, New York, 1985.

[LMSS56] K. de Leeuw, E. F. Moore, C. E. Shannon, and N. Shapiro. Computability by probabilistic machines. In C. E. Shannon and J. McCarthy, editors, Automata Studies, pages 183–212. 1956.

[Lov78] L. Lov`asz. Kneser’s conjecture, chromatic number, and homo- topy. J. Combin. Theory Ser. A, 1978.

[Lov79] L. Lov`asz. On determinants, matchings, and random algorithms. In L. Budach, editor, Fundamentals of Computation Theory FCT ’79, pages 565–574, Berlin, 1979. Akademie-Verlag.

[LR01] Oded Lachish and Ran Raz. Explicit lower bound of 4.5n − o(n) for Boolean circuits. In ACM, editor, Proceedings of the 33rd Annual ACM Symposium on Theory of Computing: Hersonissos, Crete, Greece, July 6–8, 2001, pages 399–408, New York, NY, USA, 2001. ACM Press.

[LRVW03] Chi-Jen Lu, , Salil Vadhan, and Wigderson Wigderson. Extractors: optimal up to constant factors. In ACM, editor, Proceedings of the Thirty-Fifth ACM Symposium on The- ory of Computing, San Diego, CA, USA, June 9–11, 2003, pages 602–611, New York, NY, USA, 2003. ACM Press.

[MR95] R. Motwani and P. Raghavan. Randomized algorithms.Cam- bridge University Press, 1995.

[MS82] K. Mehlhorn and E.M. Schmidt. Las Vegas is better than deter- minism in VLSI and (extended abstract). In Proceedings of the Fourteenth Annual ACM Symposium on Theory of Computing, pages 330–337, San Francisco, California, 5–7 May 1982.

[MVV87] K. Mulmuley, U. V. Vazirani, and V. V. Vazirani. Matching is as easy as matrix inversion. Combinatorica, 7:105–113, 1987.

[MZ02] Jiri Matousek and G¨unter M. Ziegler. Topological lower bounds for the chromatic number: A hierarchy, November 24 2002. Com- ment: 16 pages, 1 figure. Jahresbericht der DMV, to appear.

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- 422 BIBLIOGRAPHY

[NC00] M. Nielsen and I. Chuang. Quantum Computation and Quantum Information. Cambridge University Press, 2000.

[Nis92] N. Nisan. Pseudorandom generators for space-bounded compu- tation. Combinatorica, 12, 1992. Prelim version in ACM STOC 1990.

[NW94] Noam Nisan and Avi Wigderson. Hardness vs randomness. Jour- nal of Computer and System Sciences, 49(2):149–167, October 1994. Prelim version in IEEE FOCS 1988.

[NZ96] Noam Nisan and David Zuckerman. Randomness is linear in space. Journal of Computer and System Sciences, 52(1):43–52, 1996. Prelim. version in ACM STOC 1993.

[O’D04] O’Donnell. Hardness amplification within NP. JCSS: Journal of Computer and System Sciences, 69, 2004.

[Pap85] Christos H. Papadimitriou. Games against nature. J. Comput. System Sci., 31(2):288–301, 1985.

[Pen94] R. Penrose. Shadows of the Mind: A Search for the Missing Science of Consciousness. Oxford University Press, 1994.

[PS84] Christos H. Papadimitriou and . Communica- tion complexity. Journal of Computer and System Sciences, 28(2):260–269, April 1984. Prelim version in ACM STOC 1982.

[PY82] C. H. Papadimitriou and M. Yannakakis. The complexity of facets (and some facets of complexity). Journal of Computer and System Sciences, 28(2):244–259, 1982.

[PY91] C. Papadimitriou and M. Yannakakis. Optimization, approxima- tion, and complexity classes. Journal of Computer and System Sciences, 43(3):425–440, December 1991. Prelim version STOC 1988.

[Rab80] M. O. Rabin. A probabilistic algorithm for testing primality. Journal of Number Theory, 12, 1980.

[Raz85] Alexander A. Razborov. Lowerbounds on the monotone com- plexity of some boolean functions. Doklady Akademii Nauk. SSSR, 281(4):798–801, 1985. Translation in Soviet Math. Dok- lady 31, 354–357.

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- BIBLIOGRAPHY 423

[Raz87] Alexander A. Razborov. Lower bounds on the size of bounded depth circuits over a complete basis with logical addition. MATHNASUSSR: Mathematical Notes of the Academy of Sci- ences of the USSR, 41, 1987.

[Raz89] A. A. Razborov. On the method of approximations. In Proceed- ings of the Twenty First Annual ACM Symposium on Theory of Computing, pages 167–176, 15–17 1989.

[Raz92] A.A. Razborov. On submodular complexity measures. In Boolean Function Complexity, (M. Paterson, Ed.), pages 76–83. London Mathematical Society Lecture Note Series 169, Cam- bridge University Press, 1992.

[Raz00] R. Raz. The bns-chung criterion for multi-party communication complexity. Computational Complexity, 9(2):113–122, 2000.

[Raz03] Alexander A. Razborov. Pseudorandom generators hard for k- DNF resolution and polynomial calculus resolution, 2003.

[Raz04] Ran Raz. Multi-linear formulas for permanent and determinant are of super-polynomial size. In Proceedings of ACM Symposium on Theory of Computing. ACM Press, 2004.

[RR97] Alexander A. Razborov and . Natural proofs. Journal of Computer and System Sciences, 55(1):24–35, August 1997. Prelim version ACM STOC 1994.

[RR99] Ran Raz and Omer Reingold. On recycling the randomness of states in space bounded computation. In Proceedings of the Thirty-First Annual ACM Symposium on Theory of Comput- ing (STOC’99), pages 159–168, New York, 1999. Association for Computing Machinery.

[RS95] R. Raz and B. Spieker. On the “log rank”-conjecture in commu- nication complexity. Combinatorica, 15, 1995. Prelim version in IEEE FOCS 1993.

[RSA78] R. L. Rivest, A. Shamir, and L. Adelman. A method for obtain- ing digital signatures and public-key cryptosystems. Communi- cations of the ACM, 21(2):120–126, 1978.

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- 424 BIBLIOGRAPHY

[RVW00] O. Reingold, S. Vadhan, and A. Wigderson. Entropy waves, the zig-zag graph product, and new constant-degree expanders and extractors. In IEEE, editor, 41st Annual Symposium on Founda- tions of Computer Science: proceedings: 12–14 November, 2000, Redondo Beach, California, pages 3–13. IEEE Computer Society Press, 2000.

[RW93] and Avi Wigderson. nΩ(log n) Lower bounds on the size of depth-3 threshold circuits with AND gates at the bottom. Information Processing Letters, 45(6):303–307, 16 April 1993.

[Sav70] W. J. Savitch. Relationships between nondeterministic and de- terministic tape complexities. JCSS: Journal of Computer and System Sciences, 4, 1970.

[Sav72] J. E. Savage. Computational work and time on finite machines. Journal of the ACM, 19(4):660–674, October 1972.

[Sha83] A. Shamir. On the generation of cryptographically strong pseudorandom sequences. ACM Trans. on Computer Sys., 1(1):38–44, 1983. Prelim version presented at Crypto’81 and ICALP’81.

[Sha92] . IP = PSPACE. Journal of the ACM, 39(4):869–877, October 1992.

[SHL65] R. E. Stearns, J. Hartmanis, and P. M. Lewis II. Hierarchies of memory limited computations. In Proceedings of the Sixth An- nual Symposium on Switching Circuit Theory and Logical De- sign, pages 179–190. IEEE, 1965.

[Sho97] Peter W. Shor. Polynomial-time algorithms for prime factor- ization and discrete logarithms on a quantum computer. SIAM Journal on Computing, 26(5):1484–1509, October 1997.

[Sip83] Michael Sipser. A complexity theoretic approach to randomness. In Proceedings of the Fifteenth Annual ACM Symposium on The- ory of Computing, pages 330–335, Boston, Massachusetts, 25–27 April 1983.

[Sip88] Michael Sipser. Expanders, randomness, or time versus space. Journal of Computer and System Sciences, 36(3):379–383, June

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- BIBLIOGRAPHY 425

1988. Prelim. version in Proc. IEEE Structure in Complexity ’86.

[Sip92] M. Sipser. The history and status of the P versus NP ques- tion. In ACM, editor, Proceedings of the twenty-fourth annual ACM Symposium on Theory of Computing, Victoria, British Columbia, Canada, May 4–6, 1992, pages 603–618, New York, NY, USA, 1992. ACM Press.

[Smo87] R. Smolensky. Algebraic methods in the theory of lower bounds for Boolean circuit complexity. In Proceedings of the nineteenth annual ACM Symposium on Theory of Computing, New York City, May 25–27, 1987, pages 77–82, New York, NY, USA, 1987. ACM Press.

[SS77] R. Solovay and V. Strassen. A fast Monte Carlo test for primal- ity. SIAM Journal on Computing, 6(1):84–85, 1977.

[Sto77] L. J. Stockmeyer. The polynomial-time hierarchy. Theoretical Computer Science, 3:1–22, 1977.

[STV] M. Sudan, L. Trevisan, and S. Vadhan. Pseudorandom genera- tors without the XOR lemma. JCSS: Journal of Computer and System Sciences, 62(2).

[SU02a] M. Schaefer and C. Umans. Completeness in the polynomial- time hierarchy: Part I. SIGACTN: SIGACT News (ACM Spe- cial Interest Group on Automata and Computability Theory), 33, September 2002.

[SU02b] M. Schaefer and C. Umans. Completeness in the polynomial- time hierarchy: Part II. SIGACTN: SIGACT News (ACM Spe- cial Interest Group on Automata and Computability Theory), 33, December 2002.

3/2 [SZ99a] M. Saks and S. Zhou. BPH SPACE(S) ⊆ DSPACE(S ). JCSS: Journal of Computer and System Sciences, 58(2):376– 403, 1999.

[SZ99b] Aravind Srinivasan and David Zuckerman. Computing with very weak random sources. SIAM Journal on Computing, 28(4):1433– 1459, August 1999. Prelim. version FOCS 1994.

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- 426 BIBLIOGRAPHY

[Tod91] S. Toda. PP is as hard as the polynomial-time hierarchy. SIAM Journal on Computing, 20(5):865–877, 1991. [Tra84] B. A. Trakhtenbrot. A survey of Russian approaches to perebor (brute-force search) algorithms. Annals of the History of Com- puting, 6(4):384–400, October/December 1984. Also contains a good translation of [Lev73]. [Tre01] Luca Trevisan. Extractors and pseudorandom generators. Jour- nal of the ACM, 48(4):860–879, July 2001. Prelim version in ACM STOC 1999. [Uma01] C. Umans. The minimum equivalent DNF problem and shortest implicants. JCSS: Journal of Computer and System Sciences, 63, 2001. [Vad00] Salil Vadhan. On transformation of interactive proofs that pre- serve the prover’s complexity. In ACM, editor, Proceedings of the thirty second annual ACM Symposium on Theory of Com- puting: Portland, Oregon, May 21–23, [2000], pages 200–207, New York, NY, USA, 2000. ACM Press. [Val75] Leslie G. Valiant. On non-linear lower bounds in computational complexity. In STOC ’75: Proceedings of seventh annual ACM symposium on Theory of computing, pages 45–53. ACM Press, 1975. [Val79a] L. G. Valiant. The complexity of computing the permanent. Theoretical Computer Science, 8(2):189–201, 1979. [Val79b] Leslie G. Valiant. The complexity of enumeration and reliability problems. SIAM Journal on Computing, 8(3):410–421, 1979. [Vaz01] Vijay V. Vazirani. Approximation Algorithms. Springer- Verlag, Berlin-Heidelberg-New York-Barcelona-Hong Kong- London-Milan-Paris-Singapur-Tokyo, 2001. [VG99] Joachim Von zur Gathen and J¨urgen Gerhard. Modern Com- puter Algebra. Cambridge University Press, New York, NY, USA, 1999. [von61] J. von Neumann. Probabilistic logics and synthesis of reliable or- ganisms from unreliable components, volume 5. Pergamon Press, 1961.

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT -- BIBLIOGRAPHY 427

[Yam97] P. Yam. Bringing schroedinger’s cat back to life. Scientific Amer- ican, pages 124–129, June 1997.

[Yan91] M. Yannakakis. Expressing combinatorial optimization problems by linear programs. Journal of Computer and System Sciences, 43(3):441–466, 1991. Prelim version in ACM STOC 1988.

[Yao79] A.C.C. Yao. Some complexity questions related to distributive computing(preliminary report). In STOC ’79: Proceedings of the 11th ACM STOC, pages 209–213. ACM Press, 1979.

[Yao82] Andrew C. Yao. Theory and applications of trapdoor functions (extended abstract). In 23rd Annual Symposium on Foundations of Computer Science, pages 80–91. IEEE, 3–5 November 1982.

[Yao85] A. C.-C. Yao. Separating the polynomial-time hierarchy by or- acles. In 26th Annual Symposium on Foundations of Computer Science (FOCS ’85), pages 1–10, Los Angeles, Ca., USA, 1985. IEEE Computer Society Press.

[Yao86] Andrew Chi-Chih Yao. How to generate and exchange secrets (extended abstract). In 27th Annual Symposium on Foundations of Computer Science, pages 162–167. IEEE, 27–29 October 1986.

[Yao90] Andrew Chi-Chih Yao. On ACC and threshold circuits. In 31st Annual Symposium on Foundations of Computer Science, volume II, pages 619–627. IEEE, 22–24 October 1990.

[Yao93] A. Yao. Quantum circuit complexity. In 34th Annual Symposium on Foundations of Computer Science, pages 352–361, Palo Alto, California, 1993. IEEE.

[Zak83] S. Zak. A Turing machine time hierarchy. Theoretical Computer Science, 26(3):327–333, October 1983.

[Zuc90] David Zuckerman. General weak random sources. In 31st An- nual IEEE Symposium on Foundations of Computer Science, volume II, pages 534–543, 22–24 October 1990.

DRAFT -- DRAFT -- DRAFT -- DRAFT -- DRAFT --