Lecture 10: Boolean Circuits (Cont.) 1 Recap 2 Turing Machines with Advice

Total Page:16

File Type:pdf, Size:1020Kb

Lecture 10: Boolean Circuits (Cont.) 1 Recap 2 Turing Machines with Advice CSE 200 Computability and Complexity Wednesday, May 1, 2013 Lecture 10: Boolean Circuits (cont.) Instructor: Professor Shachar Lovett Scribe: Dongcai Shen 1 Recap Definition 1 (Boolean circuit) A Boolean circuit on n inputs, is a DAG with n source nodes and one target (sink) node, m internal nodes perform simple computation (AND, OR, NOT). Definition 2 (P/poly) P/polydef= flanguages L s.t. 8n, L \ f0; 1gn can be computed by a circuit of size nO(1).g. Theorem 3 P ⊆ P/poly. 2 Turing Machines with Advice We can give another equivalent definition of P/poly by introducing the TM that takes advice. advice z}|{ Definition 4 (TIME(T (n))=a(n)) A language L 2 TIME(T (n))= a(n) if 9M 2 TIME(T (n)) and a sequence a(n) fαngn2N with αn 2 f0; 1g s.t. x 2 L , M(x; αjxj) = 1 ∗ for any x 2 f0; 1g . c d Claim 5 P/poly = [c;d≥1TIME(n )=(n ). Proof d (⊆) For any language L 2 P/poly. 8n 2 N, there exists a circuit Cn of size n . We treat Cn as an advice to the corresponding TM M. M evaluates input x on Cn given as an advice (extra input). The advice def def d sequence fαngn2N = fCngn2N is bounded by a(n) = n . c d k (⊇) Fix a language L 2 TIME(n )=(n ). 8n 2 N, there exists a circuit Cn of size n for some constant k s.t. x 2 L , Cn(x; αjxj) = 1 where jxj = n. The advice αn is hard-wired to the circuit. This is illustrated in Figure 1. Cn x αjxj c d Figure 1: P/poly ⊇ [c;d≥1TIME(n )=(n ) 10-1 Remark. Claim 5 explains the reason for naming P/poly: \deterministic poly-time taking poly-size advice". Similarly, we can define P= log, P=c where c stands for constant-sized advice, etc. A natural question arises: c Question 6 What can we get from just 1 bit of advice? P=1 = [c≥1TIME(n )=1. Question 7 Is NP ⊆ P/poly? This is an open question. We believe the answer is no. 3 The Karp-Lipton Theorem Theorem 8 (Karp-Lipton Theorem [1]) If NP ⊂ P/poly then PH = Σ2. Remark. Note that PH collapses to Σ2-complete instead of NP-complete. The theorem is of the style that \one thing unlikely implies another thing unlikely". Finally we see that many unlikely things are equivalent. In some sense it's similar to the NP-complete problems. It has a sister-theorem, the Meyer's Theorem, also proved in early 1980's. Theorem 9 (Meyer's Theorem [1]) If EXP ⊆ P/poly then EXP = Σ2. Proof of Theorem 8: Suppose 3-SAT 2 P/poly. So 8n 2 N, there exists a circuit Cn: ( 1 If φ satisfiable Cn(φ) = 0 Otherwise where φ is a 3-CNF on n variables. Also, jCnj = poly(n). Algorithm: Input 3-CNF φ on n bits, 9Cn s.t. φ(Cn(φ)) = 1. 1 We want to show Σ2 = PH. It suffices to show Π2 ⊂ Σ2 . Let L be a complete language for Π2. We def choose take L = Π2SAT = fφ is a 3-CNF : 8y9zφ(y; z)g. The first step is to transform a circuit which merely checks if a circuit is satisfiable, to a circuit that "proves" this by supplying a satisfying assignment. Claim 10 (Self-reducibility) If 8n 2 N there exists a circuit Cn s.t. φ 2 3-SAT iff Cn(φ) = 1 then there 0 0 0 O(1) exists a circuit Cn s.t. φ 2 3-SAT iff φ(Cn(φ)) = 1 and SIZE(Cn) ≤ SIZE(Cn) . Proof Assume circuit C s.t. C(φ) = 1 iff φ is satisfiable. If φ is satisfiable, discover a satisfying assignment bit-by-bit: ( 0 C(φ(0; x2; ··· ; xn)) = 1 a1 = 1 Otherwise ( 0 C(φ(a1; 0; x3; ··· ; xn)) = 1 a2 = 1 Otherwise In general, ( 0 C(φ(a1; ··· ; ai−1; 0; xi+1; ··· ; xn)) = 1 ai = 1 Otherwise 0 At the end, φ(a1; ··· ; an) = 1. The construction of the multi-output circuit C from the single-output circuit C is illustrated in Figure 2. 1 Recall that L 2 Σ2 means x 2 L , 9y8zM(y; z) = 1 where M 2 P; L 2 Π2 means x 2 L , 8y9zM(y; z) = 1 where M 2 P. Once we have Π2 ⊂ Σ2, namely 89 · · · = 98 · · · , we can simplify the QBF in the language definition by switching the 0 0 00 0 000 0 0 0000 positions of 9 and 8. For example, Π4 3 8989M(·) = 9889M (·) = 98 9M (·) = 998 M (·) = 9 8 M (·) 2 Σ2. 10-2 φ 2 SAT a1 a2 an C0 C(φ) C(φ) C(φ) ··· C(φ) a1 a1a2 a1a2 ··· an x1; ··· ; xn x2; ··· ; xn x3 ··· xn 1 1 1 Figure 2: Self-reducibility: construct C0 using C as a building block This property is called self-reducibility. Algorithm: Input 3-CNF φ on n bits, check if 8y 9z φ(y; z) = 1. | {z } iff Cn(φ(y; ·)) = 1 ( NP ⊆ P/poly | 0 {z } iff φ(y; Cn(φ(y; ·))) = 1 Hence, we have 0 0 φ 2 Π2SAT iff 9Cn8yφ(y; Cn(φ(y; ·))) = 1 | {z } in Σ2 Next we prove Theorem 9. The intuitive idea is: \EXP ⊂ P/poly" means any exponential-time computation can be done by a specific poly-size circuit Cn where n is the input size. Then, our goal is to c d prove that this computation also fits in Σ2 = fx : 9y : jyj ≤ jxj 8z : jzj ≤ jxj M(x; y; z) = 1g where M 2 P. Recall Cook-Levin Theorem's proof. An exponential-size computation is hard to check from the outset. But we can make use of the \for all" quantifier in Σ2. Quantifier 8 comes in handy to check all local places in the exponential-size computation. Meanwhile, the quantifier 9 helps us by \guessing" the circuit Cn. Cn is guaranteed to exist when L 2 EXP ⊂ P/poly. Proof of Theorem 9: Fix a language L 2 EXP. We need to show L 2 Σ2. Suppose L is computable by a c 1-tape TM M 2 TIME(2n ). W.l.o.g., M's alphabet Σ = f0; 1g. Let def LM = f(x; i; j) : running M on input x 2 L in time step i has a configuration whose j-th bit is 1.g c c where in the tuple (x; i; j), x 2 f0; 1gn, i ≤ 2n denotes M's steps, and j ≤ 2n is the index of M's i-th configuration. Note that we can describe (x; i; j) using poly(n) bits. Clearly, LM 2 EXP ⊂ P/poly. So, there is a poly-size circuit C s.t. (x; i; j) 2 LM iff C(x; i; j) = 1 Lets come back to L. For any x 2 L, what do we have from M's computation? We need to show c • M(x) at time N = 2n entered the accepting state. Namely, M(x) = 1. c • x 2 L iff 9C s.t. C(x; i; j) = 1 8i; j 2 [2n ]. as shown in Figure 3. Note that x, i, and j can be represented in poly-size. However, how can we "trust" the circuit C? The answer is that, similar to the Cook-Levin theorem, computation is local and can be verified by a collection of local tests (e.g. a CNF). In our case the CNF size is exponential, however we can specify in a uniform way the various tests. These amount basically to 10-3 c ≤ 2n cells written x 8 # > Row #1: x1 x2 ··· xn 0 0 ··· 0 0 0 ··· 0 steps > > 0 # c <> Row #2: x x2 ··· xn 0 0 ··· 0 0 0 ··· 0 n 1 2 . > . ··· . ··· . ··· . > > c # :> Row #2n : 1 0 ··· 0 0 0 ··· 0 0 0 ··· 0 Accept Figure 3: M's computation verifying the correct transition between any two time steps. The verifier of the computation simply is \AND c c of 2n clauses of constant size". 8i; j 2 [2n ], 08C(x; i; j); 1 > B<>fC(y; i; ·) : head in location j − 1, j, j + 1 content in location jg; C B C VERIFY B C @>fC(x; i; ·) : state in step ig; A > :fC(x; i − 1; ·) : state in step i − 1g Finally, we renders \x 2 L iff M(x) = 1" where M 2 EXP to x 2 L iff 9C 8i; j VERIFY(C; x; i; j) VERIFY 2 P because C is of poly-size. Therefore, L 2 Σ2. This completes the proof. The Karp-Lipton Theorem's proof is by guessing the assignment. The Meyer's Theorem's proof is by verifying the computation in a succinct way. 4 Circuit Lower Bounds Definition 11 (Size of a circuit) The size of a circuit C is the number of edges of the circuit C. 2n Theorem 12 Most functions on n bits require size Ω( n ). Proof By a counting argument. How many circuits of size S are there? we need to specify S wires (which requires O(S log S) bits) and the gate computed by each gate (which takes an additional O(S) bits). Hence the number of functions computed in SIZE(S) is at most SO(S). On the other hand, the number of boolean 2n 2n functions on n bits is 2 . Setting S = O( n ), we get that most functions require size > S.
Recommended publications
  • CS601 DTIME and DSPACE Lecture 5 Time and Space Functions: T, S
    CS601 DTIME and DSPACE Lecture 5 Time and Space functions: t, s : N → N+ Definition 5.1 A set A ⊆ U is in DTIME[t(n)] iff there exists a deterministic, multi-tape TM, M, and a constant c, such that, 1. A = L(M) ≡ w ∈ U M(w)=1 , and 2. ∀w ∈ U, M(w) halts within c · t(|w|) steps. Definition 5.2 A set A ⊆ U is in DSPACE[s(n)] iff there exists a deterministic, multi-tape TM, M, and a constant c, such that, 1. A = L(M), and 2. ∀w ∈ U, M(w) uses at most c · s(|w|) work-tape cells. (Input tape is “read-only” and not counted as space used.) Example: PALINDROMES ∈ DTIME[n], DSPACE[n]. In fact, PALINDROMES ∈ DSPACE[log n]. [Exercise] 1 CS601 F(DTIME) and F(DSPACE) Lecture 5 Definition 5.3 f : U → U is in F (DTIME[t(n)]) iff there exists a deterministic, multi-tape TM, M, and a constant c, such that, 1. f = M(·); 2. ∀w ∈ U, M(w) halts within c · t(|w|) steps; 3. |f(w)|≤|w|O(1), i.e., f is polynomially bounded. Definition 5.4 f : U → U is in F (DSPACE[s(n)]) iff there exists a deterministic, multi-tape TM, M, and a constant c, such that, 1. f = M(·); 2. ∀w ∈ U, M(w) uses at most c · s(|w|) work-tape cells; 3. |f(w)|≤|w|O(1), i.e., f is polynomially bounded. (Input tape is “read-only”; Output tape is “write-only”.
    [Show full text]
  • A Fast and Verified Software Stackfor Secure Function Evaluation
    Session I4: Verifying Crypto CCS’17, October 30-November 3, 2017, Dallas, TX, USA A Fast and Verified Software Stack for Secure Function Evaluation José Bacelar Almeida Manuel Barbosa Gilles Barthe INESC TEC and INESC TEC and FCUP IMDEA Software Institute, Spain Universidade do Minho, Portugal Universidade do Porto, Portugal François Dupressoir Benjamin Grégoire Vincent Laporte University of Surrey, UK Inria Sophia-Antipolis, France IMDEA Software Institute, Spain Vitor Pereira INESC TEC and FCUP Universidade do Porto, Portugal ABSTRACT as OpenSSL,1 s2n2 and Bouncy Castle,3 as well as prototyping We present a high-assurance software stack for secure function frameworks such as CHARM [1] and SCAPI [31]. More recently, a evaluation (SFE). Our stack consists of three components: i. a veri- series of groundbreaking cryptographic engineering projects have fied compiler (CircGen) that translates C programs into Boolean emerged, that aim to bring a new generation of cryptographic proto- circuits; ii. a verified implementation of Yao’s SFE protocol based on cols to real-world applications. In this new generation of protocols, garbled circuits and oblivious transfer; and iii. transparent applica- which has matured in the last two decades, secure computation tion integration and communications via FRESCO, an open-source over encrypted data stands out as one of the technologies with the framework for secure multiparty computation (MPC). CircGen is a highest potential to change the landscape of secure ITC, namely general purpose tool that builds on CompCert, a verified optimizing by improving cloud reliability and thus opening the way for new compiler for C. It can be used in arbitrary Boolean circuit-based secure cloud-based applications.
    [Show full text]
  • On the Randomness Complexity of Interactive Proofs and Statistical Zero-Knowledge Proofs*
    On the Randomness Complexity of Interactive Proofs and Statistical Zero-Knowledge Proofs* Benny Applebaum† Eyal Golombek* Abstract We study the randomness complexity of interactive proofs and zero-knowledge proofs. In particular, we ask whether it is possible to reduce the randomness complexity, R, of the verifier to be comparable with the number of bits, CV , that the verifier sends during the interaction. We show that such randomness sparsification is possible in several settings. Specifically, unconditional sparsification can be obtained in the non-uniform setting (where the verifier is modelled as a circuit), and in the uniform setting where the parties have access to a (reusable) common-random-string (CRS). We further show that constant-round uniform protocols can be sparsified without a CRS under a plausible worst-case complexity-theoretic assumption that was used previously in the context of derandomization. All the above sparsification results preserve statistical-zero knowledge provided that this property holds against a cheating verifier. We further show that randomness sparsification can be applied to honest-verifier statistical zero-knowledge (HVSZK) proofs at the expense of increasing the communica- tion from the prover by R−F bits, or, in the case of honest-verifier perfect zero-knowledge (HVPZK) by slowing down the simulation by a factor of 2R−F . Here F is a new measure of accessible bit complexity of an HVZK proof system that ranges from 0 to R, where a maximal grade of R is achieved when zero- knowledge holds against a “semi-malicious” verifier that maliciously selects its random tape and then plays honestly.
    [Show full text]
  • Week 1: an Overview of Circuit Complexity 1 Welcome 2
    Topics in Circuit Complexity (CS354, Fall’11) Week 1: An Overview of Circuit Complexity Lecture Notes for 9/27 and 9/29 Ryan Williams 1 Welcome The area of circuit complexity has a long history, starting in the 1940’s. It is full of open problems and frontiers that seem insurmountable, yet the literature on circuit complexity is fairly large. There is much that we do know, although it is scattered across several textbooks and academic papers. I think now is a good time to look again at circuit complexity with fresh eyes, and try to see what can be done. 2 Preliminaries An n-bit Boolean function has domain f0; 1gn and co-domain f0; 1g. At a high level, the basic question asked in circuit complexity is: given a collection of “simple functions” and a target Boolean function f, how efficiently can f be computed (on all inputs) using the simple functions? Of course, efficiency can be measured in many ways. The most natural measure is that of the “size” of computation: how many copies of these simple functions are necessary to compute f? Let B be a set of Boolean functions, which we call a basis set. The fan-in of a function g 2 B is the number of inputs that g takes. (Typical choices are fan-in 2, or unbounded fan-in, meaning that g can take any number of inputs.) We define a circuit C with n inputs and size s over a basis B, as follows. C consists of a directed acyclic graph (DAG) of s + n + 2 nodes, with n sources and one sink (the sth node in some fixed topological order on the nodes).
    [Show full text]
  • Computational Complexity: a Modern Approach
    i Computational Complexity: A Modern Approach Draft of a book: Dated January 2007 Comments welcome! Sanjeev Arora and Boaz Barak Princeton University [email protected] Not to be reproduced or distributed without the authors’ permission This is an Internet draft. Some chapters are more finished than others. References and attributions are very preliminary and we apologize in advance for any omissions (but hope you will nevertheless point them out to us). Please send us bugs, typos, missing references or general comments to [email protected] — Thank You!! DRAFT ii DRAFT Chapter 9 Complexity of counting “It is an empirical fact that for many combinatorial problems the detection of the existence of a solution is easy, yet no computationally efficient method is known for counting their number.... for a variety of problems this phenomenon can be explained.” L. Valiant 1979 The class NP captures the difficulty of finding certificates. However, in many contexts, one is interested not just in a single certificate, but actually counting the number of certificates. This chapter studies #P, (pronounced “sharp p”), a complexity class that captures this notion. Counting problems arise in diverse fields, often in situations having to do with estimations of probability. Examples include statistical estimation, statistical physics, network design, and more. Counting problems are also studied in a field of mathematics called enumerative combinatorics, which tries to obtain closed-form mathematical expressions for counting problems. To give an example, in the 19th century Kirchoff showed how to count the number of spanning trees in a graph using a simple determinant computation. Results in this chapter will show that for many natural counting problems, such efficiently computable expressions are unlikely to exist.
    [Show full text]
  • Time Hypothesis on a Quantum Computer the Implications Of
    The implications of breaking the strong exponential time hypothesis on a quantum computer Jorg Van Renterghem Student number: 01410124 Supervisor: Prof. Andris Ambainis Master's dissertation submitted in order to obtain the academic degree of Master of Science in de informatica Academic year 2018-2019 i Samenvatting In recent onderzoek worden reducties van de sterke exponenti¨eletijd hypothese (SETH) gebruikt om ondergrenzen op de complexiteit van problemen te bewij- zen [51]. Dit zorgt voor een interessante onderzoeksopportuniteit omdat SETH kan worden weerlegd in het kwantum computationeel model door gebruik te maken van Grover's zoekalgoritme [7]. In de klassieke context is SETH wel nog geldig. We hebben dus een groep van problemen waarvoor er een klassieke onder- grens bekend is, maar waarvoor geen ondergrens bestaat in het kwantum com- putationeel model. Dit cre¨eerthet potentieel om kwantum algoritmes te vinden die sneller zijn dan het best mogelijke klassieke algoritme. In deze thesis beschrijven we dergelijke algoritmen. Hierbij maken we gebruik van Grover's zoekalgoritme om een voordeel te halen ten opzichte van klassieke algoritmen. Grover's zoekalgoritme lost het volgende probleem op in O(pN) queries: gegeven een input x ; :::; x 0; 1 gespecifieerd door een zwarte doos 1 N 2 f g die queries beantwoordt, zoek een i zodat xi = 1 [32]. We beschrijven een kwantum algoritme voor k-Orthogonale vectoren, Graaf diameter, Dichtste paar in een d-Hamming ruimte, Alle paren maximale stroom, Enkele bron bereikbaarheid telling, 2 sterke componenten, Geconnecteerde deel- graaf en S; T -bereikbaarheid. We geven ook nieuwe ondergrenzen door gebruik te maken van reducties en de sensitiviteit methode.
    [Show full text]
  • The Complexity Zoo
    The Complexity Zoo Scott Aaronson www.ScottAaronson.com LATEX Translation by Chris Bourke [email protected] 417 classes and counting 1 Contents 1 About This Document 3 2 Introductory Essay 4 2.1 Recommended Further Reading ......................... 4 2.2 Other Theory Compendia ............................ 5 2.3 Errors? ....................................... 5 3 Pronunciation Guide 6 4 Complexity Classes 10 5 Special Zoo Exhibit: Classes of Quantum States and Probability Distribu- tions 110 6 Acknowledgements 116 7 Bibliography 117 2 1 About This Document What is this? Well its a PDF version of the website www.ComplexityZoo.com typeset in LATEX using the complexity package. Well, what’s that? The original Complexity Zoo is a website created by Scott Aaronson which contains a (more or less) comprehensive list of Complexity Classes studied in the area of theoretical computer science known as Computa- tional Complexity. I took on the (mostly painless, thank god for regular expressions) task of translating the Zoo’s HTML code to LATEX for two reasons. First, as a regular Zoo patron, I thought, “what better way to honor such an endeavor than to spruce up the cages a bit and typeset them all in beautiful LATEX.” Second, I thought it would be a perfect project to develop complexity, a LATEX pack- age I’ve created that defines commands to typeset (almost) all of the complexity classes you’ll find here (along with some handy options that allow you to conveniently change the fonts with a single option parameters). To get the package, visit my own home page at http://www.cse.unl.edu/~cbourke/.
    [Show full text]
  • Lecture 9 1 Interactive Proof Systems/Protocols
    CS 282A/MATH 209A: Foundations of Cryptography Prof. Rafail Ostrovsky Lecture 9 Lecture date: March 7-9, 2005 Scribe: S. Bhattacharyya, R. Deak, P. Mirzadeh 1 Interactive Proof Systems/Protocols 1.1 Introduction The traditional mathematical notion of a proof is a simple passive protocol in which a prover P outputs a complete proof to a verifier V who decides on its validity. The interaction in this traditional sense is minimal and one-way, prover → verifier. The observation has been made that allowing the verifier to interact with the prover can have advantages, for example proving the assertion faster or proving more expressive languages. This extension allows for the idea of interactive proof systems (protocols). The general framework of the interactive proof system (protocol) involves a prover P with an exponential amount of time (computationally unbounded) and a verifier V with a polyno- mial amount of time. Both P and V exchange multiple messages (challenges and responses), usually dependent upon outcomes of fair coin tosses which they may or may not share. It is easy to see that since V is a poly-time machine (PPT), only a polynomial number of messages may be exchanged between the two. P ’s objective is to convince (prove to) the verifier the truth of an assertion, e.g., claimed knowledge of a proof that x ∈ L. V either accepts or rejects the interaction with the P . 1.2 Definition of Interactive Proof Systems An interactive proof system for a language L is a protocol PV for communication between a computationally unbounded (exponential time) machine P and a probabilistic poly-time (PPT) machine V such that the protocol satisfies the properties of completeness and sound- ness.
    [Show full text]
  • Rigorous Cache Side Channel Mitigation Via Selective Circuit Compilation
    RiCaSi: Rigorous Cache Side Channel Mitigation via Selective Circuit Compilation B Heiko Mantel, Lukas Scheidel, Thomas Schneider, Alexandra Weber( ), Christian Weinert, and Tim Weißmantel Technical University of Darmstadt, Darmstadt, Germany {mantel,weber,weissmantel}@mais.informatik.tu-darmstadt.de, {scheidel,schneider,weinert}@encrypto.cs.tu-darmstadt.de Abstract. Cache side channels constitute a persistent threat to crypto implementations. In particular, block ciphers are prone to attacks when implemented with a simple lookup-table approach. Implementing crypto as software evaluations of circuits avoids this threat but is very costly. We propose an approach that combines program analysis and circuit compilation to support the selective hardening of regular C implemen- tations against cache side channels. We implement this approach in our toolchain RiCaSi. RiCaSi avoids unnecessary complexity and overhead if it can derive sufficiently strong security guarantees for the original implementation. If necessary, RiCaSi produces a circuit-based, hardened implementation. For this, it leverages established circuit-compilation technology from the area of secure computation. A final program analysis step ensures that the hardening is, indeed, effective. 1 Introduction Cache side channels are unintended communication channels of programs. Cache- side-channel leakage might occur if a program accesses memory addresses that depend on secret information like cryptographic keys. When these secret-depen- dent memory addresses are loaded into a shared cache, an attacker might deduce the secret information based on observing the cache. Such cache side channels are particularly dangerous for implementations of block ciphers, as shown, e.g., by attacks on implementations of DES [58,67], AES [2,11,57], and Camellia [59,67,73].
    [Show full text]
  • Probabilistic Boolean Logic, Arithmetic and Architectures
    PROBABILISTIC BOOLEAN LOGIC, ARITHMETIC AND ARCHITECTURES A Thesis Presented to The Academic Faculty by Lakshmi Narasimhan Barath Chakrapani In Partial Fulfillment of the Requirements for the Degree Doctor of Philosophy in the School of Computer Science, College of Computing Georgia Institute of Technology December 2008 PROBABILISTIC BOOLEAN LOGIC, ARITHMETIC AND ARCHITECTURES Approved by: Professor Krishna V. Palem, Advisor Professor Trevor Mudge School of Computer Science, College Department of Electrical Engineering of Computing and Computer Science Georgia Institute of Technology University of Michigan, Ann Arbor Professor Sung Kyu Lim Professor Sudhakar Yalamanchili School of Electrical and Computer School of Electrical and Computer Engineering Engineering Georgia Institute of Technology Georgia Institute of Technology Professor Gabriel H. Loh Date Approved: 24 March 2008 College of Computing Georgia Institute of Technology To my parents The source of my existence, inspiration and strength. iii ACKNOWLEDGEMENTS आचायातर् ्पादमादे पादं िशंयः ःवमेधया। पादं सॄचारयः पादं कालबमेणच॥ “One fourth (of knowledge) from the teacher, one fourth from self study, one fourth from fellow students and one fourth in due time” 1 Many people have played a profound role in the successful completion of this disser- tation and I first apologize to those whose help I might have failed to acknowledge. I express my sincere gratitude for everything you have done for me. I express my gratitude to Professor Krisha V. Palem, for his energy, support and guidance throughout the course of my graduate studies. Several key results per- taining to the semantic model and the properties of probabilistic Boolean logic were due to his brilliant insights.
    [Show full text]
  • Polynomial Hierarchy
    CSE200 Lecture Notes – Polynomial Hierarchy Lecture by Russell Impagliazzo Notes by Jiawei Gao February 18, 2016 1 Polynomial Hierarchy Recall from last class that for language L, we defined PL is the class of problems poly-time Turing reducible to L. • NPL is the class of problems with witnesses verifiable in P L. • In other words, these problems can be considered as computed by deterministic or nonde- terministic TMs that can get access to an oracle machine for L. The polynomial hierarchy (or polynomial-time hierarchy) can be defined by a hierarchy of problems that have oracle access to the lower level problems. Definition 1 (Oracle definition of PH). Define classes P Σ1 = NP. P • P Σi For i 1, Σi 1 = NP . • ≥ + Symmetrically, define classes P Π1 = co-NP. • P ΠP For i 1, Π co-NP i . i+1 = • ≥ S P S P The Polynomial Hierarchy (PH) is defined as PH = i Σi = i Πi . 1.1 If P = NP, then PH collapses to P P Theorem 2. If P = NP, then P = Σi i. 8 Proof. By induction on i. P Base case: For i = 1, Σi = NP = P by definition. P P ΣP P Inductive step: Assume P NP and Σ P. Then Σ NP i NP P. = i = i+1 = = = 1 CSE 200 Winter 2016 P ΣP Figure 1: An overview of classes in PH. The arrows denote inclusion. Here ∆ P i . (Image i+1 = source: Wikipedia.) Similarly, if any two different levels in PH turn out to be the equal, then PH collapses to the lower of the two levels.
    [Show full text]
  • The Polynomial Hierarchy and Alternations
    Chapter 5 The Polynomial Hierarchy and Alternations “..synthesizing circuits is exceedingly difficulty. It is even more difficult to show that a circuit found in this way is the most economical one to realize a function. The difficulty springs from the large number of essentially different networks available.” Claude Shannon 1949 This chapter discusses the polynomial hierarchy, a generalization of P, NP and coNP that tends to crop up in many complexity theoretic inves- tigations (including several chapters of this book). We will provide three equivalent definitions for the polynomial hierarchy, using quantified pred- icates, alternating Turing machines, and oracle TMs (a fourth definition, using uniform families of circuits, will be given in Chapter 6). We also use the hierarchy to show that solving the SAT problem requires either linear space or super-linear time. p p 5.1 The classes Σ2 and Π2 To understand the need for going beyond nondeterminism, let’s recall an NP problem, INDSET, for which we do have a short certificate of membership: INDSET = {hG, ki : graph G has an independent set of size ≥ k} . Consider a slight modification to the above problem, namely, determin- ing the largest independent set in a graph (phrased as a decision problem): EXACT INDSET = {hG, ki : the largest independent set in G has size exactly k} . Web draft 2006-09-28 18:09 95 Complexity Theory: A Modern Approach. c 2006 Sanjeev Arora and Boaz Barak. DRAFTReferences and attributions are still incomplete. P P 96 5.1. THE CLASSES Σ2 AND Π2 Now there seems to be no short certificate for membership: hG, ki ∈ EXACT INDSET iff there exists an independent set of size k in G and every other independent set has size at most k.
    [Show full text]