Lecture 10: Space Complexity III

Total Page:16

File Type:pdf, Size:1020Kb

Lecture 10: Space Complexity III Space Complexity Classes: NL and L Reductions NL-completeness The Relation between NL and coNL A Relation Among the Complexity Classes Lecture 10: Space Complexity III Arijit Bishnu 27.03.2010 Space Complexity Classes: NL and L Reductions NL-completeness The Relation between NL and coNL A Relation Among the Complexity Classes Outline 1 Space Complexity Classes: NL and L 2 Reductions 3 NL-completeness 4 The Relation between NL and coNL 5 A Relation Among the Complexity Classes Space Complexity Classes: NL and L Reductions NL-completeness The Relation between NL and coNL A Relation Among the Complexity Classes Outline 1 Space Complexity Classes: NL and L 2 Reductions 3 NL-completeness 4 The Relation between NL and coNL 5 A Relation Among the Complexity Classes Definition for Recapitulation S c NPSPACE = c>0 NSPACE(n ). The class NPSPACE is an analog of the class NP. Definition L = SPACE(log n). Definition NL = NSPACE(log n). Space Complexity Classes: NL and L Reductions NL-completeness The Relation between NL and coNL A Relation Among the Complexity Classes Space Complexity Classes Definition for Recapitulation S c PSPACE = c>0 SPACE(n ). The class PSPACE is an analog of the class P. Definition L = SPACE(log n). Definition NL = NSPACE(log n). Space Complexity Classes: NL and L Reductions NL-completeness The Relation between NL and coNL A Relation Among the Complexity Classes Space Complexity Classes Definition for Recapitulation S c PSPACE = c>0 SPACE(n ). The class PSPACE is an analog of the class P. Definition for Recapitulation S c NPSPACE = c>0 NSPACE(n ). The class NPSPACE is an analog of the class NP. Definition NL = NSPACE(log n). Space Complexity Classes: NL and L Reductions NL-completeness The Relation between NL and coNL A Relation Among the Complexity Classes Space Complexity Classes Definition for Recapitulation S c PSPACE = c>0 SPACE(n ). The class PSPACE is an analog of the class P. Definition for Recapitulation S c NPSPACE = c>0 NSPACE(n ). The class NPSPACE is an analog of the class NP. Definition L = SPACE(log n). Space Complexity Classes: NL and L Reductions NL-completeness The Relation between NL and coNL A Relation Among the Complexity Classes Space Complexity Classes Definition for Recapitulation S c PSPACE = c>0 SPACE(n ). The class PSPACE is an analog of the class P. Definition for Recapitulation S c NPSPACE = c>0 NSPACE(n ). The class NPSPACE is an analog of the class NP. Definition L = SPACE(log n). Definition NL = NSPACE(log n). Is the following in L? Check whether the following language is in L? A = f0k 1k j k ≥ 0g Space Complexity Classes: NL and L Reductions NL-completeness The Relation between NL and coNL A Relation Among the Complexity Classes Examples Is the following in L? Check whether the following language is in L? EVEN = fx j x has an even number of 1sg: Space Complexity Classes: NL and L Reductions NL-completeness The Relation between NL and coNL A Relation Among the Complexity Classes Examples Is the following in L? Check whether the following language is in L? EVEN = fx j x has an even number of 1sg: Is the following in L? Check whether the following language is in L? A = f0k 1k j k ≥ 0g The idea for this definition was that the nondeterministic choices of the NDTM that result in acceptance can be viewed as a polynomial sized certificate that x 2 L and vice versa. A logspace NDTM, according to the concept of configuration graph that we studied, can generate a certificate that is polynomially long but it does not have the space to store it. Space Complexity Classes: NL and L Reductions NL-completeness The Relation between NL and coNL A Relation Among the Complexity Classes A Certificate Based Definition of NL Recall the Definition of the Class NP A language L ⊆ f0; 1g∗ is in NP if there exists a polynomial p : N ! N and a polynomial-time TM M such that for every x 2 f0; 1g∗, x 2 L () 9u 2 f0; 1gp(jxj) such that M(x; u) = 1 If x 2 L and u 2 f0; 1gp(jxj) satisfy M(x; u) = 1, then we call u a certificate for x (w.r.t. language L and machine M). A logspace NDTM, according to the concept of configuration graph that we studied, can generate a certificate that is polynomially long but it does not have the space to store it. Space Complexity Classes: NL and L Reductions NL-completeness The Relation between NL and coNL A Relation Among the Complexity Classes A Certificate Based Definition of NL Recall the Definition of the Class NP A language L ⊆ f0; 1g∗ is in NP if there exists a polynomial p : N ! N and a polynomial-time TM M such that for every x 2 f0; 1g∗, x 2 L () 9u 2 f0; 1gp(jxj) such that M(x; u) = 1 If x 2 L and u 2 f0; 1gp(jxj) satisfy M(x; u) = 1, then we call u a certificate for x (w.r.t. language L and machine M). The idea for this definition was that the nondeterministic choices of the NDTM that result in acceptance can be viewed as a polynomial sized certificate that x 2 L and vice versa. Space Complexity Classes: NL and L Reductions NL-completeness The Relation between NL and coNL A Relation Among the Complexity Classes A Certificate Based Definition of NL Recall the Definition of the Class NP A language L ⊆ f0; 1g∗ is in NP if there exists a polynomial p : N ! N and a polynomial-time TM M such that for every x 2 f0; 1g∗, x 2 L () 9u 2 f0; 1gp(jxj) such that M(x; u) = 1 If x 2 L and u 2 f0; 1gp(jxj) satisfy M(x; u) = 1, then we call u a certificate for x (w.r.t. language L and machine M). The idea for this definition was that the nondeterministic choices of the NDTM that result in acceptance can be viewed as a polynomial sized certificate that x 2 L and vice versa. A logspace NDTM, according to the concept of configuration graph that we studied, can generate a certificate that is polynomially long but it does not have the space to store it. At each step, the machine's head on this tape can either stay in place or move right. Thus, the tape is a read once tape. Space Complexity Classes: NL and L Reductions NL-completeness The Relation between NL and coNL A Relation Among the Complexity Classes A Certificate Based Definition of NL continued... So, we assume a separate read-only tape for the logspace machine. We call this tape to be the certificate tape. Space Complexity Classes: NL and L Reductions NL-completeness The Relation between NL and coNL A Relation Among the Complexity Classes A Certificate Based Definition of NL continued... So, we assume a separate read-only tape for the logspace machine. We call this tape to be the certificate tape. At each step, the machine's head on this tape can either stay in place or move right. Thus, the tape is a read once tape. Definition: Class NL A language L ⊆ f0; 1g∗ is in NL if there exists a polynomial p : N ! N and a deterministic TM M using at most O(log jxj) space on its read/write tape for every input x and M has a certificate tape, such that for every x 2 f0; 1g∗, x 2 L () 9u 2 f0; 1gp(jxj) such that M(x; u) = 1 M(x; u) denotes the output of M where x is placed on its input tape and u is placed on its certificate tape. Space Complexity Classes: NL and L Reductions NL-completeness The Relation between NL and coNL A Relation Among the Complexity Classes The Certificate Based Definition of NL Definition: Class NL A language L ⊆ f0; 1g∗ is in NL if there exists a polynomial p : N ! N and a deterministic TM M using at most O(log jxj) space on its read/write tape for every input x and M has a certificate tape, such that for every x 2 f0; 1g∗, x 2 L () 9u 2 f0; 1gp(jxj) such that M(x; u) = 1 M(x; u) denotes the output of M where x is placed on its input tape and u is placed on its certificate tape. Space Complexity Classes: NL and L Reductions NL-completeness The Relation between NL and coNL A Relation Among the Complexity Classes The Certificate Based Definition of NL Space Complexity Classes: NL and L Reductions NL-completeness The Relation between NL and coNL A Relation Among the Complexity Classes The Certificate Based Definition of NL Definition: Class NL A language L ⊆ f0; 1g∗ is in NL if there exists a polynomial p : N ! N and a deterministic TM M using at most O(log jxj) space on its read/write tape for every input x and M has a certificate tape, such that for every x 2 f0; 1g∗, x 2 L () 9u 2 f0; 1gp(jxj) such that M(x; u) = 1 M(x; u) denotes the output of M where x is placed on its input tape and u is placed on its certificate tape. Solution: PATH 2 NL Generate the certificate on the certificate tape and verify it. Space Complexity Classes: NL and L Reductions NL-completeness The Relation between NL and coNL A Relation Among the Complexity Classes Example Is the following in NL? Check whether the following language is in NL? PATH = f< G; s; t > j G is a directed graph in which there is a path from s to tg.
Recommended publications
  • Database Theory
    DATABASE THEORY Lecture 4: Complexity of FO Query Answering Markus Krotzsch¨ TU Dresden, 21 April 2016 Overview 1. Introduction | Relational data model 2. First-order queries 3. Complexity of query answering 4. Complexity of FO query answering 5. Conjunctive queries 6. Tree-like conjunctive queries 7. Query optimisation 8. Conjunctive Query Optimisation / First-Order Expressiveness 9. First-Order Expressiveness / Introduction to Datalog 10. Expressive Power and Complexity of Datalog 11. Optimisation and Evaluation of Datalog 12. Evaluation of Datalog (2) 13. Graph Databases and Path Queries 14. Outlook: database theory in practice See course homepage [) link] for more information and materials Markus Krötzsch, 21 April 2016 Database Theory slide 2 of 41 How to Measure Query Answering Complexity Query answering as decision problem { consider Boolean queries Various notions of complexity: • Combined complexity (complexity w.r.t. size of query and database instance) • Data complexity (worst case complexity for any fixed query) • Query complexity (worst case complexity for any fixed database instance) Various common complexity classes: L ⊆ NL ⊆ P ⊆ NP ⊆ PSpace ⊆ ExpTime Markus Krötzsch, 21 April 2016 Database Theory slide 3 of 41 An Algorithm for Evaluating FO Queries function Eval(', I) 01 switch (') f I 02 case p(c1, ::: , cn): return hc1, ::: , cni 2 p 03 case : : return :Eval( , I) 04 case 1 ^ 2 : return Eval( 1, I) ^ Eval( 2, I) 05 case 9x. : 06 for c 2 ∆I f 07 if Eval( [x 7! c], I) then return true 08 g 09 return false 10 g Markus Krötzsch, 21 April 2016 Database Theory slide 4 of 41 FO Algorithm Worst-Case Runtime Let m be the size of ', and let n = jIj (total table sizes) • How many recursive calls of Eval are there? { one per subexpression: at most m • Maximum depth of recursion? { bounded by total number of calls: at most m • Maximum number of iterations of for loop? { j∆Ij ≤ n per recursion level { at most nm iterations I • Checking hc1, ::: , cni 2 p can be done in linear time w.r.t.
    [Show full text]
  • CS601 DTIME and DSPACE Lecture 5 Time and Space Functions: T, S
    CS601 DTIME and DSPACE Lecture 5 Time and Space functions: t, s : N → N+ Definition 5.1 A set A ⊆ U is in DTIME[t(n)] iff there exists a deterministic, multi-tape TM, M, and a constant c, such that, 1. A = L(M) ≡ w ∈ U M(w)=1 , and 2. ∀w ∈ U, M(w) halts within c · t(|w|) steps. Definition 5.2 A set A ⊆ U is in DSPACE[s(n)] iff there exists a deterministic, multi-tape TM, M, and a constant c, such that, 1. A = L(M), and 2. ∀w ∈ U, M(w) uses at most c · s(|w|) work-tape cells. (Input tape is “read-only” and not counted as space used.) Example: PALINDROMES ∈ DTIME[n], DSPACE[n]. In fact, PALINDROMES ∈ DSPACE[log n]. [Exercise] 1 CS601 F(DTIME) and F(DSPACE) Lecture 5 Definition 5.3 f : U → U is in F (DTIME[t(n)]) iff there exists a deterministic, multi-tape TM, M, and a constant c, such that, 1. f = M(·); 2. ∀w ∈ U, M(w) halts within c · t(|w|) steps; 3. |f(w)|≤|w|O(1), i.e., f is polynomially bounded. Definition 5.4 f : U → U is in F (DSPACE[s(n)]) iff there exists a deterministic, multi-tape TM, M, and a constant c, such that, 1. f = M(·); 2. ∀w ∈ U, M(w) uses at most c · s(|w|) work-tape cells; 3. |f(w)|≤|w|O(1), i.e., f is polynomially bounded. (Input tape is “read-only”; Output tape is “write-only”.
    [Show full text]
  • Interactive Proof Systems and Alternating Time-Space Complexity
    Theoretical Computer Science 113 (1993) 55-73 55 Elsevier Interactive proof systems and alternating time-space complexity Lance Fortnow” and Carsten Lund** Department of Computer Science, Unicersity of Chicago. 1100 E. 58th Street, Chicago, IL 40637, USA Abstract Fortnow, L. and C. Lund, Interactive proof systems and alternating time-space complexity, Theoretical Computer Science 113 (1993) 55-73. We show a rough equivalence between alternating time-space complexity and a public-coin interactive proof system with the verifier having a polynomial-related time-space complexity. Special cases include the following: . All of NC has interactive proofs, with a log-space polynomial-time public-coin verifier vastly improving the best previous lower bound of LOGCFL for this model (Fortnow and Sipser, 1988). All languages in P have interactive proofs with a polynomial-time public-coin verifier using o(log’ n) space. l All exponential-time languages have interactive proof systems with public-coin polynomial-space exponential-time verifiers. To achieve better bounds, we show how to reduce a k-tape alternating Turing machine to a l-tape alternating Turing machine with only a constant factor increase in time and space. 1. Introduction In 1981, Chandra et al. [4] introduced alternating Turing machines, an extension of nondeterministic computation where the Turing machine can make both existential and universal moves. In 1985, Goldwasser et al. [lo] and Babai [l] introduced interactive proof systems, an extension of nondeterministic computation consisting of two players, an infinitely powerful prover and a probabilistic polynomial-time verifier. The prover will try to convince the verifier of the validity of some statement.
    [Show full text]
  • Complexity Theory Lecture 9 Co-NP Co-NP-Complete
    Complexity Theory 1 Complexity Theory 2 co-NP Complexity Theory Lecture 9 As co-NP is the collection of complements of languages in NP, and P is closed under complementation, co-NP can also be characterised as the collection of languages of the form: ′ L = x y y <p( x ) R (x, y) { |∀ | | | | → } Anuj Dawar University of Cambridge Computer Laboratory NP – the collection of languages with succinct certificates of Easter Term 2010 membership. co-NP – the collection of languages with succinct certificates of http://www.cl.cam.ac.uk/teaching/0910/Complexity/ disqualification. Anuj Dawar May 14, 2010 Anuj Dawar May 14, 2010 Complexity Theory 3 Complexity Theory 4 NP co-NP co-NP-complete P VAL – the collection of Boolean expressions that are valid is co-NP-complete. Any language L that is the complement of an NP-complete language is co-NP-complete. Any of the situations is consistent with our present state of ¯ knowledge: Any reduction of a language L1 to L2 is also a reduction of L1–the complement of L1–to L¯2–the complement of L2. P = NP = co-NP • There is an easy reduction from the complement of SAT to VAL, P = NP co-NP = NP = co-NP • ∩ namely the map that takes an expression to its negation. P = NP co-NP = NP = co-NP • ∩ VAL P P = NP = co-NP ∈ ⇒ P = NP co-NP = NP = co-NP • ∩ VAL NP NP = co-NP ∈ ⇒ Anuj Dawar May 14, 2010 Anuj Dawar May 14, 2010 Complexity Theory 5 Complexity Theory 6 Prime Numbers Primality Consider the decision problem PRIME: Another way of putting this is that Composite is in NP.
    [Show full text]
  • The Shrinking Property for NP and Conp✩
    Theoretical Computer Science 412 (2011) 853–864 Contents lists available at ScienceDirect Theoretical Computer Science journal homepage: www.elsevier.com/locate/tcs The shrinking property for NP and coNPI Christian Glaßer a, Christian Reitwießner a,∗, Victor Selivanov b a Julius-Maximilians-Universität Würzburg, Germany b A.P. Ershov Institute of Informatics Systems, Siberian Division of the Russian Academy of Sciences, Russia article info a b s t r a c t Article history: We study the shrinking and separation properties (two notions well-known in descriptive Received 18 August 2009 set theory) for NP and coNP and show that under reasonable complexity-theoretic Received in revised form 11 November assumptions, both properties do not hold for NP and the shrinking property does not hold 2010 for coNP. In particular we obtain the following results. Accepted 15 November 2010 Communicated by A. Razborov P 1. NP and coNP do not have the shrinking property unless PH is finite. In general, Σn and P Πn do not have the shrinking property unless PH is finite. This solves an open question Keywords: posed by Selivanov (1994) [33]. Computational complexity 2. The separation property does not hold for NP unless UP ⊆ coNP. Polynomial hierarchy 3. The shrinking property does not hold for NP unless there exist NP-hard disjoint NP-pairs NP-pairs (existence of such pairs would contradict a conjecture of Even et al. (1984) [6]). P-separability Multivalued functions 4. The shrinking property does not hold for NP unless there exist complete disjoint NP- pairs. Moreover, we prove that the assumption NP 6D coNP is too weak to refute the shrinking property for NP in a relativizable way.
    [Show full text]
  • On the Randomness Complexity of Interactive Proofs and Statistical Zero-Knowledge Proofs*
    On the Randomness Complexity of Interactive Proofs and Statistical Zero-Knowledge Proofs* Benny Applebaum† Eyal Golombek* Abstract We study the randomness complexity of interactive proofs and zero-knowledge proofs. In particular, we ask whether it is possible to reduce the randomness complexity, R, of the verifier to be comparable with the number of bits, CV , that the verifier sends during the interaction. We show that such randomness sparsification is possible in several settings. Specifically, unconditional sparsification can be obtained in the non-uniform setting (where the verifier is modelled as a circuit), and in the uniform setting where the parties have access to a (reusable) common-random-string (CRS). We further show that constant-round uniform protocols can be sparsified without a CRS under a plausible worst-case complexity-theoretic assumption that was used previously in the context of derandomization. All the above sparsification results preserve statistical-zero knowledge provided that this property holds against a cheating verifier. We further show that randomness sparsification can be applied to honest-verifier statistical zero-knowledge (HVSZK) proofs at the expense of increasing the communica- tion from the prover by R−F bits, or, in the case of honest-verifier perfect zero-knowledge (HVPZK) by slowing down the simulation by a factor of 2R−F . Here F is a new measure of accessible bit complexity of an HVZK proof system that ranges from 0 to R, where a maximal grade of R is achieved when zero- knowledge holds against a “semi-malicious” verifier that maliciously selects its random tape and then plays honestly.
    [Show full text]
  • Computational Complexity: a Modern Approach
    i Computational Complexity: A Modern Approach Draft of a book: Dated January 2007 Comments welcome! Sanjeev Arora and Boaz Barak Princeton University [email protected] Not to be reproduced or distributed without the authors’ permission This is an Internet draft. Some chapters are more finished than others. References and attributions are very preliminary and we apologize in advance for any omissions (but hope you will nevertheless point them out to us). Please send us bugs, typos, missing references or general comments to [email protected] — Thank You!! DRAFT ii DRAFT Chapter 9 Complexity of counting “It is an empirical fact that for many combinatorial problems the detection of the existence of a solution is easy, yet no computationally efficient method is known for counting their number.... for a variety of problems this phenomenon can be explained.” L. Valiant 1979 The class NP captures the difficulty of finding certificates. However, in many contexts, one is interested not just in a single certificate, but actually counting the number of certificates. This chapter studies #P, (pronounced “sharp p”), a complexity class that captures this notion. Counting problems arise in diverse fields, often in situations having to do with estimations of probability. Examples include statistical estimation, statistical physics, network design, and more. Counting problems are also studied in a field of mathematics called enumerative combinatorics, which tries to obtain closed-form mathematical expressions for counting problems. To give an example, in the 19th century Kirchoff showed how to count the number of spanning trees in a graph using a simple determinant computation. Results in this chapter will show that for many natural counting problems, such efficiently computable expressions are unlikely to exist.
    [Show full text]
  • Chapter 24 Conp, Self-Reductions
    Chapter 24 coNP, Self-Reductions CS 473: Fundamental Algorithms, Spring 2013 April 24, 2013 24.1 Complementation and Self-Reduction 24.2 Complementation 24.2.1 Recap 24.2.1.1 The class P (A) A language L (equivalently decision problem) is in the class P if there is a polynomial time algorithm A for deciding L; that is given a string x, A correctly decides if x 2 L and running time of A on x is polynomial in jxj, the length of x. 24.2.1.2 The class NP Two equivalent definitions: (A) Language L is in NP if there is a non-deterministic polynomial time algorithm A (Turing Machine) that decides L. (A) For x 2 L, A has some non-deterministic choice of moves that will make A accept x (B) For x 62 L, no choice of moves will make A accept x (B) L has an efficient certifier C(·; ·). (A) C is a polynomial time deterministic algorithm (B) For x 2 L there is a string y (proof) of length polynomial in jxj such that C(x; y) accepts (C) For x 62 L, no string y will make C(x; y) accept 1 24.2.1.3 Complementation Definition 24.2.1. Given a decision problem X, its complement X is the collection of all instances s such that s 62 L(X) Equivalently, in terms of languages: Definition 24.2.2. Given a language L over alphabet Σ, its complement L is the language Σ∗ n L. 24.2.1.4 Examples (A) PRIME = nfn j n is an integer and n is primeg o PRIME = n n is an integer and n is not a prime n o PRIME = COMPOSITE .
    [Show full text]
  • Sustained Space Complexity
    Sustained Space Complexity Jo¨elAlwen1;3, Jeremiah Blocki2, and Krzysztof Pietrzak1 1 IST Austria 2 Purdue University 3 Wickr Inc. Abstract. Memory-hard functions (MHF) are functions whose eval- uation cost is dominated by memory cost. MHFs are egalitarian, in the sense that evaluating them on dedicated hardware (like FPGAs or ASICs) is not much cheaper than on off-the-shelf hardware (like x86 CPUs). MHFs have interesting cryptographic applications, most notably to password hashing and securing blockchains. Alwen and Serbinenko [STOC'15] define the cumulative memory com- plexity (cmc) of a function as the sum (over all time-steps) of the amount of memory required to compute the function. They advocate that a good MHF must have high cmc. Unlike previous notions, cmc takes into ac- count that dedicated hardware might exploit amortization and paral- lelism. Still, cmc has been critizised as insufficient, as it fails to capture possible time-memory trade-offs; as memory cost doesn't scale linearly, functions with the same cmc could still have very different actual hard- ware cost. In this work we address this problem, and introduce the notion of sustained- memory complexity, which requires that any algorithm evaluating the function must use a large amount of memory for many steps. We con- struct functions (in the parallel random oracle model) whose sustained- memory complexity is almost optimal: our function can be evaluated using n steps and O(n= log(n)) memory, in each step making one query to the (fixed-input length) random oracle, while any algorithm that can make arbitrary many parallel queries to the random oracle, still needs Ω(n= log(n)) memory for Ω(n) steps.
    [Show full text]
  • Succinctness of the Complement and Intersection of Regular Expressions Wouter Gelade, Frank Neven
    Succinctness of the Complement and Intersection of Regular Expressions Wouter Gelade, Frank Neven To cite this version: Wouter Gelade, Frank Neven. Succinctness of the Complement and Intersection of Regular Expres- sions. STACS 2008, Feb 2008, Bordeaux, France. pp.325-336. hal-00226864 HAL Id: hal-00226864 https://hal.archives-ouvertes.fr/hal-00226864 Submitted on 30 Jan 2008 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. Symposium on Theoretical Aspects of Computer Science 2008 (Bordeaux), pp. 325-336 www.stacs-conf.org SUCCINCTNESS OF THE COMPLEMENT AND INTERSECTION OF REGULAR EXPRESSIONS WOUTER GELADE AND FRANK NEVEN Hasselt University and Transnational University of Limburg, School for Information Technology E-mail address: [email protected] Abstract. We study the succinctness of the complement and intersection of regular ex- pressions. In particular, we show that when constructing a regular expression defining the complement of a given regular expression, a double exponential size increase cannot be avoided. Similarly, when constructing a regular expression defining the intersection of a fixed and an arbitrary number of regular expressions, an exponential and double expo- nential size increase, respectively, can in worst-case not be avoided.
    [Show full text]
  • Lecture 9 1 Interactive Proof Systems/Protocols
    CS 282A/MATH 209A: Foundations of Cryptography Prof. Rafail Ostrovsky Lecture 9 Lecture date: March 7-9, 2005 Scribe: S. Bhattacharyya, R. Deak, P. Mirzadeh 1 Interactive Proof Systems/Protocols 1.1 Introduction The traditional mathematical notion of a proof is a simple passive protocol in which a prover P outputs a complete proof to a verifier V who decides on its validity. The interaction in this traditional sense is minimal and one-way, prover → verifier. The observation has been made that allowing the verifier to interact with the prover can have advantages, for example proving the assertion faster or proving more expressive languages. This extension allows for the idea of interactive proof systems (protocols). The general framework of the interactive proof system (protocol) involves a prover P with an exponential amount of time (computationally unbounded) and a verifier V with a polyno- mial amount of time. Both P and V exchange multiple messages (challenges and responses), usually dependent upon outcomes of fair coin tosses which they may or may not share. It is easy to see that since V is a poly-time machine (PPT), only a polynomial number of messages may be exchanged between the two. P ’s objective is to convince (prove to) the verifier the truth of an assertion, e.g., claimed knowledge of a proof that x ∈ L. V either accepts or rejects the interaction with the P . 1.2 Definition of Interactive Proof Systems An interactive proof system for a language L is a protocol PV for communication between a computationally unbounded (exponential time) machine P and a probabilistic poly-time (PPT) machine V such that the protocol satisfies the properties of completeness and sound- ness.
    [Show full text]
  • Sharp Lower Bounds for the Dimension of Linearizations of Matrix Polynomials∗
    Electronic Journal of Linear Algebra ISSN 1081-3810 A publication of the International Linear Algebra Society Volume 17, pp. 518-531, November 2008 ELA SHARP LOWER BOUNDS FOR THE DIMENSION OF LINEARIZATIONS OF MATRIX POLYNOMIALS∗ FERNANDO DE TERAN´ † AND FROILAN´ M. DOPICO‡ Abstract. A standard way of dealing with matrixpolynomial eigenvalue problems is to use linearizations. Byers, Mehrmann and Xu have recently defined and studied linearizations of dimen- sions smaller than the classical ones. In this paper, lower bounds are provided for the dimensions of linearizations and strong linearizations of a given m × n matrixpolynomial, and particular lineariza- tions are constructed for which these bounds are attained. It is also proven that strong linearizations of an n × n regular matrixpolynomial of degree must have dimension n × n. Key words. Matrixpolynomials, Matrixpencils, Linearizations, Dimension. AMS subject classifications. 15A18, 15A21, 15A22, 65F15. 1. Introduction. We will say that a matrix polynomial of degree ≥ 1 −1 P (λ)=λ A + λ A−1 + ···+ λA1 + A0, (1.1) m×n where A0,A1,...,A ∈ C and A =0,is regular if m = n and det P (λ)isnot identically zero as a polynomial in λ. We will say that P (λ)issingular otherwise. A linearization of P (λ)isamatrix pencil L(λ)=λX + Y such that there exist unimod- ular matrix polynomials, i.e., matrix polynomials with constant nonzero determinant, of appropriate dimensions, E(λ)andF (λ), such that P (λ) 0 E(λ)L(λ)F (λ)= , (1.2) 0 Is where Is denotes the s × s identity matrix. Classically s =( − 1) min{m, n}, but recently linearizations of smaller dimension have been considered [3].
    [Show full text]