DOCSLIB.ORG

Interactive Proofs

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Interactive Proofs Interactive Proofs Nabil Mustafa Computational Complexity 1 / 144 1 V runs in time polynomial in jxj 2 x 2 L =) 9P s.t. V (x) = 1 after k-rounds with P 3 x 2= L =) 8PV (x) = 0 after k-rounds with P Note: each message sent is one round Messages have to be of length polynomial in jxj dIP dIP is the set of languages with a k(n)-round interactive proof system, where k(n) is a polynomial in n. Deterministic Interactive Proof System Deterministic Proof Systems A language L has a k-round deterministic interactive proof system if there exists a TM V such that on input x, 2 / 144 2 x 2 L =) 9P s.t. V (x) = 1 after k-rounds with P 3 x 2= L =) 8PV (x) = 0 after k-rounds with P Note: each message sent is one round Messages have to be of length polynomial in jxj dIP dIP is the set of languages with a k(n)-round interactive proof system, where k(n) is a polynomial in n. Deterministic Interactive Proof System Deterministic Proof Systems A language L has a k-round deterministic interactive proof system if there exists a TM V such that on input x, 1 V runs in time polynomial in jxj 3 / 144 3 x 2= L =) 8PV (x) = 0 after k-rounds with P Note: each message sent is one round Messages have to be of length polynomial in jxj dIP dIP is the set of languages with a k(n)-round interactive proof system, where k(n) is a polynomial in n. Deterministic Interactive Proof System Deterministic Proof Systems A language L has a k-round deterministic interactive proof system if there exists a TM V such that on input x, 1 V runs in time polynomial in jxj 2 x 2 L =) 9P s.t. V (x) = 1 after k-rounds with P 4 / 144 Note: each message sent is one round Messages have to be of length polynomial in jxj dIP dIP is the set of languages with a k(n)-round interactive proof system, where k(n) is a polynomial in n. Deterministic Interactive Proof System Deterministic Proof Systems A language L has a k-round deterministic interactive proof system if there exists a TM V such that on input x, 1 V runs in time polynomial in jxj 2 x 2 L =) 9P s.t. V (x) = 1 after k-rounds with P 3 x 2= L =) 8PV (x) = 0 after k-rounds with P 5 / 144 Messages have to be of length polynomial in jxj dIP dIP is the set of languages with a k(n)-round interactive proof system, where k(n) is a polynomial in n. Deterministic Interactive Proof System Deterministic Proof Systems A language L has a k-round deterministic interactive proof system if there exists a TM V such that on input x, 1 V runs in time polynomial in jxj 2 x 2 L =) 9P s.t. V (x) = 1 after k-rounds with P 3 x 2= L =) 8PV (x) = 0 after k-rounds with P Note: each message sent is one round 6 / 144 dIP dIP is the set of languages with a k(n)-round interactive proof system, where k(n) is a polynomial in n. Deterministic Interactive Proof System Deterministic Proof Systems A language L has a k-round deterministic interactive proof system if there exists a TM V such that on input x, 1 V runs in time polynomial in jxj 2 x 2 L =) 9P s.t. V (x) = 1 after k-rounds with P 3 x 2= L =) 8PV (x) = 0 after k-rounds with P Note: each message sent is one round Messages have to be of length polynomial in jxj 7 / 144 Deterministic Interactive Proof System Deterministic Proof Systems A language L has a k-round deterministic interactive proof system if there exists a TM V such that on input x, 1 V runs in time polynomial in jxj 2 x 2 L =) 9P s.t. V (x) = 1 after k-rounds with P 3 x 2= L =) 8PV (x) = 0 after k-rounds with P Note: each message sent is one round Messages have to be of length polynomial in jxj dIP dIP is the set of languages with a k(n)-round interactive proof system, where k(n) is a polynomial in n. 8 / 144 I Mainly because the prover knows the verifier algorithm I So prover just ‘simulates’ the messages all at once Now we consider when the verifier is probabilistic Defining IP Let k : N ! N be some function. A language L is in IP [k] if there is a k(jxj)-time probabilistic TM V such that: x 2 L =) 9P Pr [ V accepts x, V (x) = 1 ] ≥ 2=3 x 2= L =) 8P Pr [ V accepts x, V (x) = 1 ] ≤ 1=3 Definition [ IP = IP [nc ] c The Class IP Interactivity doesn’t seem to give more power 9 / 144 I So prover just ‘simulates’ the messages all at once Now we consider when the verifier is probabilistic Defining IP Let k : N ! N be some function. A language L is in IP [k] if there is a k(jxj)-time probabilistic TM V such that: x 2 L =) 9P Pr [ V accepts x, V (x) = 1 ] ≥ 2=3 x 2= L =) 8P Pr [ V accepts x, V (x) = 1 ] ≤ 1=3 Definition [ IP = IP [nc ] c The Class IP Interactivity doesn’t seem to give more power I Mainly because the prover knows the verifier algorithm 10 / 144 Now we consider when the verifier is probabilistic Defining IP Let k : N ! N be some function. A language L is in IP [k] if there is a k(jxj)-time probabilistic TM V such that: x 2 L =) 9P Pr [ V accepts x, V (x) = 1 ] ≥ 2=3 x 2= L =) 8P Pr [ V accepts x, V (x) = 1 ] ≤ 1=3 Definition [ IP = IP [nc ] c The Class IP Interactivity doesn’t seem to give more power I Mainly because the prover knows the verifier algorithm I So prover just ‘simulates’ the messages all at once 11 / 144 Defining IP Let k : N ! N be some function. A language L is in IP [k] if there is a k(jxj)-time probabilistic TM V such that: x 2 L =) 9P Pr [ V accepts x, V (x) = 1 ] ≥ 2=3 x 2= L =) 8P Pr [ V accepts x, V (x) = 1 ] ≤ 1=3 Definition [ IP = IP [nc ] c The Class IP Interactivity doesn’t seem to give more power I Mainly because the prover knows the verifier algorithm I So prover just ‘simulates’ the messages all at once Now we consider when the verifier is probabilistic 12 / 144 Definition [ IP = IP [nc ] c The Class IP Interactivity doesn’t seem to give more power I Mainly because the prover knows the verifier algorithm I So prover just ‘simulates’ the messages all at once Now we consider when the verifier is probabilistic Defining IP Let k : N ! N be some function. A language L is in IP [k] if there is a k(jxj)-time probabilistic TM V such that: x 2 L =) 9P Pr [ V accepts x, V (x) = 1 ] ≥ 2=3 x 2= L =) 8P Pr [ V accepts x, V (x) = 1 ] ≤ 1=3 13 / 144 The Class IP Interactivity doesn’t seem to give more power I Mainly because the prover knows the verifier algorithm I So prover just ‘simulates’ the messages all at once Now we consider when the verifier is probabilistic Defining IP Let k : N ! N be some function. A language L is in IP [k] if there is a k(jxj)-time probabilistic TM V such that: x 2 L =) 9P Pr [ V accepts x, V (x) = 1 ] ≥ 2=3 x 2= L =) 8P Pr [ V accepts x, V (x) = 1 ] ≤ 1=3 Definition [ IP = IP [nc ] c 14 / 144 Given φ = C1 _ ::: _ Cm in n variables x1;:::; xn Have to accept φ iff φ is not satisfiable We give a n-round interactive proof as follows: Proof steps: I Reduce the problem to polynomial identity testing over f0; 1g I Think of the polynomial over a larger domain I Present a Verifier protocol for proving this identity 3SAT Claim 3SAT 2 IP 15 / 144 Have to accept φ iff φ is not satisfiable We give a n-round interactive proof as follows: Proof steps: I Reduce the problem to polynomial identity testing over f0; 1g I Think of the polynomial over a larger domain I Present a Verifier protocol for proving this identity 3SAT Claim 3SAT 2 IP Given φ = C1 _ ::: _ Cm in n variables x1;:::; xn 16 / 144 We give a n-round interactive proof as follows: Proof steps: I Reduce the problem to polynomial identity testing over f0; 1g I Think of the polynomial over a larger domain I Present a Verifier protocol for proving this identity 3SAT Claim 3SAT 2 IP Given φ = C1 _ ::: _ Cm in n variables x1;:::; xn Have to accept φ iff φ is not satisfiable 17 / 144 Proof steps: I Reduce the problem to polynomial identity testing over f0; 1g I Think of the polynomial over a larger domain I Present a Verifier protocol for proving this identity 3SAT Claim 3SAT 2 IP Given φ = C1 _ ::: _ Cm in n variables x1;:::; xn Have to accept φ iff φ is not satisfiable We give a n-round interactive proof as follows: 18 / 144 I Reduce the problem to polynomial identity testing over f0; 1g I Think of the polynomial over a larger domain I Present a Verifier protocol for proving this identity 3SAT Claim 3SAT 2 IP Given φ = C1 _ ::: _ Cm in n variables x1;:::; xn Have to accept φ iff φ is not satisfiable We give a n-round interactive proof as follows: Proof steps: 19 / 144 I Think of the polynomial over a larger domain I Present a Verifier protocol for proving this identity 3SAT Claim 3SAT 2 IP Given φ = C1 _ ::: _ Cm in n variables x1;:::; xn Have to accept φ iff φ is not satisfiable We give a n-round interactive proof as follows: Proof steps: I Reduce the problem to polynomial identity testing over f0; 1g 20 / 144 I Present a Verifier protocol for proving this identity 3SAT Claim 3SAT 2 IP Given φ = C1 _ ::: _ Cm in n variables x1;:::; xn Have to accept φ iff φ is not satisfiable We give a n-round interactive proof as follows: Proof steps: I Reduce the problem to polynomial identity testing over f0; 1g I Think of the polynomial over a larger domain 21 / 144 3SAT Claim 3SAT 2 IP Given φ = C1 _ ::: _ Cm in n variables x1;:::; xn Have to accept φ iff φ is not satisfiable We give a n-round interactive proof as follows: Proof steps: I Reduce the problem to polynomial identity testing over f0; 1g I Think of the polynomial over a larger domain I Present a Verifier protocol for proving this identity 22 / 144 Prover: φ(x1;:::; xn) has k satisfying assignments.
Load more

Recommended publications
  • On the Randomness Complexity of Interactive Proofs and Statistical Zero-Knowledge Proofs*
    On the Randomness Complexity of Interactive Proofs and Statistical Zero-Knowledge Proofs* Benny Applebaum† Eyal Golombek* Abstract We study the randomness complexity of interactive proofs and zero-knowledge proofs. In particular, we ask whether it is possible to reduce the randomness complexity, R, of the verifier to be comparable with the number of bits, CV , that the verifier sends during the interaction. We show that such randomness sparsification is possible in several settings. Specifically, unconditional sparsification can be obtained in the non-uniform setting (where the verifier is modelled as a circuit), and in the uniform setting where the parties have access to a (reusable) common-random-string (CRS). We further show that constant-round uniform protocols can be sparsified without a CRS under a plausible worst-case complexity-theoretic assumption that was used previously in the context of derandomization. All the above sparsification results preserve statistical-zero knowledge provided that this property holds against a cheating verifier. We further show that randomness sparsification can be applied to honest-verifier statistical zero-knowledge (HVSZK) proofs at the expense of increasing the communica- tion from the prover by R−F bits, or, in the case of honest-verifier perfect zero-knowledge (HVPZK) by slowing down the simulation by a factor of 2R−F . Here F is a new measure of accessible bit complexity of an HVZK proof system that ranges from 0 to R, where a maximal grade of R is achieved when zero- knowledge holds against a “semi-malicious” verifier that maliciously selects its random tape and then plays honestly.
    [Show full text]
  • NP-Completeness Part I
    NP-Completeness Part I Outline for Today ● Recap from Last Time ● Welcome back from break! Let's make sure we're all on the same page here. ● Polynomial-Time Reducibility ● Connecting problems together. ● NP-Completeness ● What are the hardest problems in NP? ● The Cook-Levin Theorem ● A concrete NP-complete problem. Recap from Last Time The Limits of Computability EQTM EQTM co-RE R RE LD LD ADD HALT ATM HALT ATM 0*1* The Limits of Efficient Computation P NP R P and NP Refresher ● The class P consists of all problems solvable in deterministic polynomial time. ● The class NP consists of all problems solvable in nondeterministic polynomial time. ● Equivalently, NP consists of all problems for which there is a deterministic, polynomial-time verifier for the problem. Reducibility Maximum Matching ● Given an undirected graph G, a matching in G is a set of edges such that no two edges share an endpoint. ● A maximum matching is a matching with the largest number of edges. AA maximummaximum matching.matching. Maximum Matching ● Jack Edmonds' paper “Paths, Trees, and Flowers” gives a polynomial-time algorithm for finding maximum matchings. ● (This is the same Edmonds as in “Cobham- Edmonds Thesis.) ● Using this fact, what other problems can we solve? Domino Tiling Domino Tiling Solving Domino Tiling Solving Domino Tiling Solving Domino Tiling Solving Domino Tiling Solving Domino Tiling Solving Domino Tiling Solving Domino Tiling Solving Domino Tiling The Setup ● To determine whether you can place at least k dominoes on a crossword grid, do the following: ● Convert the grid into a graph: each empty cell is a node, and any two adjacent empty cells have an edge between them.
    [Show full text]
  • Theory of Computation
    A Universal Program (4) Theory of Computation Prof. Michael Mascagni Florida State University Department of Computer Science 1 / 33 Recursively Enumerable Sets (4.4) A Universal Program (4) The Parameter Theorem (4.5) Diagonalization, Reducibility, and Rice's Theorem (4.6, 4.7) Enumeration Theorem Definition. We write Wn = fx 2 N j Φ(x; n) #g: Then we have Theorem 4.6. A set B is r.e. if and only if there is an n for which B = Wn. Proof. This is simply by the definition ofΦ( x; n). 2 Note that W0; W1; W2;::: is an enumeration of all r.e. sets. 2 / 33 Recursively Enumerable Sets (4.4) A Universal Program (4) The Parameter Theorem (4.5) Diagonalization, Reducibility, and Rice's Theorem (4.6, 4.7) The Set K Let K = fn 2 N j n 2 Wng: Now n 2 K , Φ(n; n) #, HALT(n; n) This, K is the set of all numbers n such that program number n eventually halts on input n. 3 / 33 Recursively Enumerable Sets (4.4) A Universal Program (4) The Parameter Theorem (4.5) Diagonalization, Reducibility, and Rice's Theorem (4.6, 4.7) K Is r.e. but Not Recursive Theorem 4.7. K is r.e. but not recursive. Proof. By the universality theorem, Φ(n; n) is partially computable, hence K is r.e. If K¯ were also r.e., then by the enumeration theorem, K¯ = Wi for some i. We then arrive at i 2 K , i 2 Wi , i 2 K¯ which is a contradiction.
    [Show full text]
  • Glossary of Complexity Classes
    App endix A Glossary of Complexity Classes Summary This glossary includes selfcontained denitions of most complexity classes mentioned in the b o ok Needless to say the glossary oers a very minimal discussion of these classes and the reader is re ferred to the main text for further discussion The items are organized by topics rather than by alphab etic order Sp ecically the glossary is partitioned into two parts dealing separately with complexity classes that are dened in terms of algorithms and their resources ie time and space complexity of Turing machines and complexity classes de ned in terms of nonuniform circuits and referring to their size and depth The algorithmic classes include timecomplexity based classes such as P NP coNP BPP RP coRP PH E EXP and NEXP and the space complexity classes L NL RL and P S P AC E The non k uniform classes include the circuit classes P p oly as well as NC and k AC Denitions and basic results regarding many other complexity classes are available at the constantly evolving Complexity Zoo A Preliminaries Complexity classes are sets of computational problems where each class contains problems that can b e solved with sp ecic computational resources To dene a complexity class one sp ecies a mo del of computation a complexity measure like time or space which is always measured as a function of the input length and a b ound on the complexity of problems in the class We follow the tradition of fo cusing on decision problems but refer to these problems using the terminology of promise problems
    [Show full text]
  • A Study of the NEXP Vs. P/Poly Problem and Its Variants by Barıs
    A Study of the NEXP vs. P/poly Problem and Its Variants by Barı¸sAydınlıoglu˘ A dissertation submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy (Computer Sciences) at the UNIVERSITY OF WISCONSIN–MADISON 2017 Date of final oral examination: August 15, 2017 This dissertation is approved by the following members of the Final Oral Committee: Eric Bach, Professor, Computer Sciences Jin-Yi Cai, Professor, Computer Sciences Shuchi Chawla, Associate Professor, Computer Sciences Loris D’Antoni, Asssistant Professor, Computer Sciences Joseph S. Miller, Professor, Mathematics © Copyright by Barı¸sAydınlıoglu˘ 2017 All Rights Reserved i To Azadeh ii acknowledgments I am grateful to my advisor Eric Bach, for taking me on as his student, for being a constant source of inspiration and guidance, for his patience, time, and for our collaboration in [9]. I have a story to tell about that last one, the paper [9]. It was a late Monday night, 9:46 PM to be exact, when I e-mailed Eric this: Subject: question Eric, I am attaching two lemmas. They seem simple enough. Do they seem plausible to you? Do you see a proof/counterexample? Five minutes past midnight, Eric responded, Subject: one down, one to go. I think the first result is just linear algebra. and proceeded to give a proof from The Book. I was ecstatic, though only for fifteen minutes because then he sent a counterexample refuting the other lemma. But a third lemma, inspired by his counterexample, tied everything together. All within three hours. On a Monday midnight. I only wish that I had asked to work with him sooner.
    [Show full text]
  • A New Point of NP-Hardness for Unique Games
    A new point of NP-hardness for Unique Games Ryan O'Donnell∗ John Wrighty September 30, 2012 Abstract 1 3 We show that distinguishing 2 -satisfiable Unique-Games instances from ( 8 + )-satisfiable instances is NP-hard (for all > 0). A consequence is that we match or improve the best known c vs. s NP-hardness result for Unique-Games for all values of c (except for c very close to 0). For these c, ours is the first hardness result showing that it helps to take the alphabet size larger than 2. Our NP-hardness reductions are quasilinear-size and thus show nearly full exponential time is required, assuming the ETH. ∗Department of Computer Science, Carnegie Mellon University. Supported by NSF grants CCF-0747250 and CCF-0915893, and by a Sloan fellowship. Some of this research performed while the author was a von Neumann Fellow at the Institute for Advanced Study, supported by NSF grants DMS-083537 and CCF-0832797. yDepartment of Computer Science, Carnegie Mellon University. 1 Introduction Thanks largely to the groundbreaking work of H˚astad[H˚as01], we have optimal NP-hardness of approximation results for several constraint satisfaction problems (CSPs), including 3Lin(Z2) and 3Sat. But for many others | including most interesting CSPs with 2-variable constraints | we lack matching algorithmic and NP-hardness results. Take the 2Lin(Z2) problem for example, in which there are Boolean variables with constraints of the form \xi = xj" and \xi 6= xj". The largest approximation ratio known to be achievable in polynomial time is roughly :878 [GW95], whereas it 11 is only known that achieving ratios above 12 ≈ :917 is NP-hard [H˚as01, TSSW00].
    [Show full text]
  • Quantum Computational Complexity Theory Is to Un- Derstand the Implications of Quantum Physics to Computational Complexity Theory
    Quantum Computational Complexity John Watrous Institute for Quantum Computing and School of Computer Science University of Waterloo, Waterloo, Ontario, Canada. Article outline I. Definition of the subject and its importance II. Introduction III. The quantum circuit model IV. Polynomial-time quantum computations V. Quantum proofs VI. Quantum interactive proof systems VII. Other selected notions in quantum complexity VIII. Future directions IX. References Glossary Quantum circuit. A quantum circuit is an acyclic network of quantum gates connected by wires: the gates represent quantum operations and the wires represent the qubits on which these operations are performed. The quantum circuit model is the most commonly studied model of quantum computation. Quantum complexity class. A quantum complexity class is a collection of computational problems that are solvable by a cho- sen quantum computational model that obeys certain resource constraints. For example, BQP is the quantum complexity class of all decision problems that can be solved in polynomial time by a arXiv:0804.3401v1 [quant-ph] 21 Apr 2008 quantum computer. Quantum proof. A quantum proof is a quantum state that plays the role of a witness or certificate to a quan- tum computer that runs a verification procedure. The quantum complexity class QMA is defined by this notion: it includes all decision problems whose yes-instances are efficiently verifiable by means of quantum proofs. Quantum interactive proof system. A quantum interactive proof system is an interaction between a verifier and one or more provers, involving the processing and exchange of quantum information, whereby the provers attempt to convince the verifier of the answer to some computational problem.
    [Show full text]
  • Complexity Theory
    Mapping Reductions Part II -and- Complexity Theory Announcements ● Casual CS Dinner for Women Studying Computer Science is tomorrow night: Thursday, March 7 at 6PM in Gates 219! ● RSVP through the email link sent out earlier this week. Announcements ● Problem Set 7 due tomorrow at 12:50PM with a late day. ● This is a hard deadline – no submissions will be accepted after 12:50PM so that we can release solutions early. Recap from Last Time Mapping Reductions ● A function f : Σ1* → Σ2* is called a mapping reduction from A to B iff ● For any w ∈ Σ1*, w ∈ A iff f(w) ∈ B. ● f is a computable function. ● Intuitively, a mapping reduction from A to B says that a computer can transform any instance of A into an instance of B such that the answer to B is the answer to A. Why Mapping Reducibility Matters ● Theorem: If B ∈ R and A ≤M B, then A ∈ R. ● Theorem: If B ∈ RE and A ≤M B, then A ∈ RE. ● Theorem: If B ∈ co-RE and A ≤M B, then A ∈ co-RE. ● Intuitively: A ≤M B means “A is not harder than B.” Why Mapping Reducibility Matters ● Theorem: If A ∉ R and A ≤M B, then B ∉ R. ● Theorem: If A ∉ RE and A ≤M B, then B ∉ RE. ● Theorem: If A ∉ co-RE and A ≤M B, then B ∉ co-RE. ● Intuitively: A ≤M B means “B is at at least as hard as A.” Why Mapping Reducibility Matters IfIf thisthis oneone isis “easy”“easy” ((RR,, RERE,, co-co-RERE)…)… A ≤M B …… thenthen thisthis oneone isis “easy”“easy” ((RR,, RERE,, co-co-RERE)) too.too.
    [Show full text]
  • Lecture 8: Complete Problems for Other Complexity Classes 1. NL
    IAS/PCMI Summer Session 2000 Clay Mathematics Undergraduate Program Basic Course on Computational Complexity Lecture 8: Complete Problems for Other Complexity Classes David Mix Barrington and Alexis Maciel July 26, 2000 In our first week of lectures, we introduced the following complexity classes and established this sequence of inclusions: AC0 ⊆ NC1 ⊆ L ⊆ NL ⊆ AC1 ⊆ · · · ⊆ NC ⊆ P ⊆ NP ⊆ PSPACE ⊆ EXP: (Once again, all the circuit classes below L must be logspace uniform while those between NL and P can either be all logspace uniform or all P uniform.) We also pointed out that among all these inclusions, only one is known to be strict: the first one. In the preceding two lectures, we have examined the concept of NP-completeness and argued its relevance to the question of whether P equals NP. The NP- completeness of a problem can also be viewed as evidence that the problem is not in P, but this depends on how strongly one believes that P 6= NP. In this lecture, our goal will be to identify complete problems for some of the other complexity classes. 1. NL-Completeness Before defining the notion of NL-completeness, we first need to decide on the kind of reducibility that would be appropriate. Polynomial-time reducibility would not be very useful because NL ⊆ P, which implies that the reduction itself would be able to solve any problem in NL. As a consequence, every language in NL (except ; and Σ∗) would be NL-complete. A better choice is a kind of reducibility that corresponds to a subclass of NL. We also want this subclass X to be closed under function composition so that if A ≤X B and B 2 X, then A 2 X.
    [Show full text]
  • Circuit Complexity Contents 1 Announcements 2 Relation to Other
    CS221: Computational Complexity Prof. Salil Vadhan Lecture 19: Circuit Complexity 11/6 Scribe: Chris Crick Contents 1 Announcements ² Problem Set 3, problem 2: You may use ², the regular expression for the empty string. ² PS3 due tomorrow. ² Be aware that you do not necessarily have to solve all of the problems on the problem set — the point is to get you to think about them. ² Reading: Papadimitriou x4.3, x11.4 2 Relation to other complexity measures Definition: The circuit complexity or circuit size of a function f : f0; 1gn ! f0; 1g is the number of gates in the smallest boolean circuit that computes f. Circuit complexity depends our choice of a universal basis, but only up to a constant. We can therefore use any such basis to represent our circuit. Because it’s familiar and convenient, then, we will usually use AND, OR and NOT, though sometimes the set of all boolean functions of two inputs and one output is more natural. Example: To provide a sense for how one programs with circuits, we will examine the thresh- 1 if at least two x s are 1 old function Th (x ; ¢ ¢ ¢ ; x ) = f i g. Figure 1 shows a simple circuit to 2 1 n 0 otherwise compute this function. In this circuit, li = 1 if at least one of (x1; : : : ; xi) = 1. ri becomes 1 once two xis equal 1. li is just xi _ li¡1, and ri is ri¡1 _ (li¡1 ^ xi). The output node is rn. Conventions for counting circuit gates vary a little – for example, some people count the inputs in the total, while others don’t.
    [Show full text]
  • On the Computational Complexity of Algorithms by J
    ON THE COMPUTATIONAL COMPLEXITY OF ALGORITHMS BY J. HARTMANIS AND R. E. STEARNS I. Introduction. In his celebrated paper [1], A. M. Turing investigated the computability of sequences (functions) by mechanical procedures and showed that the setofsequencescanbe partitioned into computable and noncomputable sequences. One finds, however, that some computable sequences are very easy to compute whereas other computable sequences seem to have an inherent complexity that makes them difficult to compute. In this paper, we investigate a scheme of classifying sequences according to how hard they are to compute. This scheme puts a rich structure on the computable sequences and a variety of theorems are established. Furthermore, this scheme can be generalized to classify numbers, functions, or recognition problems according to their compu- tational complexity. The computational complexity of a sequence is to be measured by how fast a multitape Turing machine can print out the terms of the sequence. This particular abstract model of a computing device is chosen because much of the work in this area is stimulated by the rapidly growing importance of computation through the use of digital computers, and all digital computers in a slightly idealized form belong to the class of multitape Turing machines. More specifically, if Tin) is a computable, monotone increasing function of positive integers into positive integers and if a is a (binary) sequence, then we say that a is in complexity class ST or that a is T-computable if and only if there is a multitape Turing machine 3~ such that 3~ computes the nth term of a. within Tin) operations.
    [Show full text]
  • A Mini-Course on Probabilistically Checkable Proofs
    A Mini-Course on Probabilistically Checkable Proofs Orr Paradise∗ The 2018 Amos de-Shalit Summer School Weizmann Institute of Science Contents I Sunday, September 2nd 2018 2 1 Prelude: Computation and Verification 2 2 Probabilistically Checkable Proofs 3 II Monday, September 3rd 2018 5 3 The geometry of Boolean functions 5 4 Multiplicative Boolean functions 6 III Tuesday, September 4th 2018 8 5 A connection: property testing 8 6 Testing and decoding the Hadamard code 8 IV Wednesday, September 5th 2018 11 7 Quadratic equations over the field of two elements 11 8 Constructing the PCP: from ideal to real 11 9 N P ⊆ PCP (poly;O (1)) 13 ∗http://www.wisdom.weizmann.ac.il/~orrp/ 1 Part I Sunday, September 2nd 2018 This course does not directly follow any specific textbook (and therefore all errors and omissions are the teacher's). Two great resources for additional reading (and studying complexity theory in general) are [Gol08, AB09]. 1 Prelude: Computation and Verification What can be computed efficiently? This question stands at the heart of the field of computational complexity. Complexity theorists aim to answer questions of this type, a famous example being "If a solution for a problem can be verified efficiently, can it also be found efficiently?". Definition 1.1 (NP). A language L is efficiently verifiable if there exists a Turing Machine V with the following properties: • Completeness: For all x 2 L there exists a witness w of length polynomial in jxj such that V (x; w) = 1. • Soundness: For all x2 = L and any w it holds that V (x; w) = 0.
    [Show full text]