Quick viewing(Text Mode)

On Helping and Interactive Proof Systems

On Helping and Interactive Proof Systems

On Helping and Interactive Pro of Systems

V Arvind J Kobler R Schuler

Department of Computer Science Theoretische Informatik

Institute of Mathematical Sciences Universitat Ulm

Madras India D Ulm Germany

Abstract

Weinvestigate the complexity of honest provers in interactive pro of systems This

corresp onds precisely to the complexity of oracles helping the computation of robust

probabilistic oracle machines We obtain upp er b ounds for languages in FewEXP and

for sparse sets in NPFurther interactive proto cols with provers that are reducible to

sets of low information content are considered Sp ecicallyiftheverier communicates

p

only with provers in Pp oly then the accepted language is lowfor In the case that

the provers are p olynomialtime reducible to log sparse sets or to sets in strongPlog

then the proto col can b e simulated bytheverier even without the help of provers As

a consequence we obtain new collapse results under the assumption that intractable

sets reduce to sets with low information content

Intro duction and overview of results

Two extensions of the concept of NP as the class of languages with ecient pro ofs of

memb ership Co o namely the class IP of languages that have single prover interactive

pro of proto cols and the class MIP of languages with multiprover interactiv e pro of proto cols

formal denitions are given in the next section havebeenshown to characterize the

complexity classes PSPACE and NEXP resp ectively Sh BFL

In the interactive pro of system mo del of computation GMR one or more provers try

to convince a probabilistic p olynomial time verier that a given input is a memb er of the

considered language The proto col has the following b ehavior if an input is in the language

then there are provers that convince the verier to accept with high probability On the

other hand if the input is not in the language then no set of provers can convince the

verier with more than negligible probability Arthur Merlin games intro duced in Bab

are sp ecial cases of singleprover interactive pro of systems in which the random choices of

the verier called Arthur are public and therefore visible to Merlin the prover In Bab

it is shown that for any constant k ak round interaction AMk can b e substituted bya

p

two round proto col AM AM and that AM is contained in the second level of the

p olynomial time hierarchy Here AMk denotes a k round interaction of messages b etween

Arthur and Merlin where the rst message is from Arthur The class MA of languages

Part of the work was done while visiting Universitat Ulm Supp orted in part by an Alexander von

Humb oldt research fellowship

accepted byatwo round proto col starting with a message from Merlin is an apparently

smaller class than AM

It turned out that the apparently restricted Arthur Merlin games mo del is as p owerful

as the general interactive pro of systems In fact anyinteractive pro of system can b e

simulated byanArthur Merlin game GS BM with only a constant increase in the

numb er of rounds In general the notation AM is used to denote singleprover interactive

pro of systems with a constantnumber of interaction whereas IP is used if there is no

restriction Following the advances made in LFKN it was nally shown in Sh that

PSPACE IP Subsequentlyitwas shown that multiprover interactive pro of systems can

accept all of NEXP BFL Intuitively the multiprover mo del is more p owerful since

the verier can use one prover to check that the answers of another prover do not dep end

on previous queries made to him This is made precise in the pro of of Babai et al of

the ab ove mentioned result where it is shown that a p olynomial number of provers can

b e substituted bytwoprovers One prover answers all the queries of the original proto col

and the second is only used to verify that the answers do not dep end on the history of

interaction

teractive pro of systems which is also the main An interesting issue that arises in in

concern of this pap er is b ounding the complexity of the honest provers that make the

verier accept a given language For example it is known Fe Sh that each language

in PSPACE has an IP proto col with prover of complexity PSPACE The result of Lund

PP

et al LFKN implies that P has IP proto cols with prover complexity PP Similarly

EXP has MIP proto cols of prover complexity EXP BFL

Let IPC and MIPC denote resp ectively the class of languages with prover complexity

b ounded by FPC ie the class of functions computable by p olynomialtime b ounded

transducers with access to an oracle from the class C In this notation we summarize some

of the known results on upp er b ounds for prover complexity

Theorem

Fe Sh PSPACE IPPSPACE

PP

LFKNP IPPP

BF P IP P

NP

BFL NEXP MIPEXP

BFL EXP MIPEXP

A surprising application of Theorem to classical structural complexity is the follo

wing corollary

Corollary LFKN BFL For KfPP PSPACE EXPgifKPp oly then

K MA

p

The ab ove result improves previously known collapses to under the same assumption

obtained by Meyer Karp and Lipton KL This is particularly interesting since it is

p

under the assumption NP Pp oly KL cannot b e known that the collapse of PH to

p

improved to with relativizable pro of metho ds Hel and the LFKN proto col is known

to b e not relativizable FS FRS

The crux of the pro of of Corollary is as follows if K is contained in Pp oly then by

Theorem every language in K has an MIP proto col in which the provers are p olynomial

size circuits This proto col can b e simulated by an MA proto col where Merlin simply sends

the circuits for the provers to Arthur in the rst round LFKN BFL

We observe that the MA proto col in the ab ove pro ofsketch can b e seen as a single prover

proto col with prover complexityinPpoly Thus we can identify the classes MIPPp oly

and IP Ppoly of interactive pro of systems in which the provers are p olynomial size circuits

MIPPp oly IPPp oly MA

NP

On the other hand in the case of NEXP the NEXP MIPEXP characterization

do es not app ear to directly imply any signicant collapse of NEXP under the assumption

NEXP Pp oly It is due to the very high upp er b ound on the prover complexityA

related result has b een proved by Buhrman and Homer BH who showed that under a

p

NP NP

stronger assumption EXP Pp oly it holds that EXP

An imp ortant motivation of the present pap er is to explore further applications of

characterizations of complexity classes using interactive pro of systems in order to derive

new collapse consequences assuming that the considered class has p olynomial size circuits

We note that in Babai et al BFL it is an op en question as to whether the upp er

NP

b ound of EXP for the prover complexity for NEXP can b e improved The reason for

the apparently weak upp er b ound is that all provers must have access to the same tableau

of an accepting NEXP computation To wit the high prover complexity is the cost of

disambiguating down to one consistent NEXP computation

As a rst step weshow that FewEXP languages accepted by NEXP machines that

FewEXP

have at most exp onentially many accepting paths are contained in MIPNP

FewEXP

Theorem FewEXP MIPNP

FewEXP NP

It is to b e noted that NP is a substantially smaller class of provers than EXP

FewEXP

NEXP

Indeed since NP is known to b e contained in P Hem it follows that

FewEXP MIPNEXP As a consequence of Theorem we can extend Corollary to

the class K FewEXP

Corollary If FewEXP Pp oly then FewEXP MA MIPPp oly

As observ ed bySchoning Sch there is a close relationship b etween the complexityof

provers in interactive pro of systems and the complexity of oracles helping the computation

of robust oracle machines A machine M is called robust if LM LM Bforall

oracles B and an oracle A onesided helps the computation of M if M with oracle

A runs in p olynomial time on all inputs x resp x LM The notion of

helping by robust deterministic oracle machines was intro duced bySchoning Sch and

was extended to onesided helping byKoKo In a sense the notion of helping by robust

machines was a forerunner to the concept of interactive pro of systems Indeed it follows

from the probabilistic oracle machine characterization of MIP in FRS that the class

MIPC coincides with the class BPP C of languages accepted by probabilistic robust

help

machines with the onesided help of an oracle from C With this interpretation Theorem

FewEXP

shows that NP oracles are able to give onesided help to the computation of languages

in FewEXP On the other hand the inclusion MIPPp oly MA can b e interpreted as

stating that oracles in Pp oly cannot help the computation of languages outside MA

An interesting op en question is whether Pp oly provers are useful at all ie whether

MIPPp oly contains sets that are not in BPP As follows from the next theorem settling

this question is likely to b e very hard since a negative answer would imply that all sparse

NP sets are already in BPP which in turn implies that NE is contained in BPE known to

b e false in relativized worlds

Theorem All sparse NP sets are contained in P Ppoly

help

In Koitisshown that every set A accepted by a robust deterministic oracle machine

p

with the onesided help of an oracle from Pp oly ie A P Pp oly is lowfor

help

Since P Ppoly MIPPp oly the following theorem extends b oth the ab ove

help

p

mentioned result of Ko and the lowness of BPP for Sip ZHSch

p

Theorem MIPPp oly is low for

Considering MIP proto cols with provers reducible to sets of very low information content

eg to sets in strongPlog or to log sparse sets we show that such provers cannot help

the verier to accept languages outside of BPP

Theorem Let A be a log sparse set and let B b e a set in strongPlog Then

MIPA MIPB BPP

These results extend the work of Ko Ko showing that every log sparse set A and

every set B in strongPlog are nohelp ers ie P A P B P While

help help

Theorem is its parallel the fact that the verier is probabilistic intro duces new dif

culties in the case of log sparse sets which are handled in the pro of Theorem has

again certain collapse consequences

Corollary Let A be a log sparse set or a set in strongPlog

A

NP BPP implies PH BPP

A

K BPP For any class K fPP PSPACE EXPg KBPP implies

Preliminaries

In this section wegive preliminary denitions and notation used in the pap er We x the

n n

alphab et for languages as f gFor a set A A A denotes the set of

all strings in A of length n up to length n resp ectively The cardinality of a set A is

denoted by jAj The length of a string x is also denoted jxjby abuse of notation

Since always lower case is used to denote strings and upp er case is used for sets there is

n

no ambiguity A set S is called sparse if jS j is b ounded ab oveby a p olynomial

To enco de pairs or tuples of strings we use a standard p olynomialtime computable

pairing function denoted by h i whose inverses are also computable in p olynomial time

O

n

Following standard notation BDG we denote the complexity classes DTIME

O

n

NTIME of languages accepted by nondeterministic Turing machines in time

poly linear

by EXP resp NEXP The corresp onding time b ounded classes are denoted

by E and NE

Denition A language L is in FewEXP if therearepolynomials p and q such that

pn

there is a nondeterministic machine M accepting A in time with the property that on

q n

any input of size nM has at most accepting paths

The class FewEXP is just the FewP analogue for nondeterministic exp onential time

Denition KL AsetL is in Ppoly if there exists a set B Papolynomial q

n n

and a sequence a of strings such that ja jq n and L fx jhx a iB g

n n n n

It is wellknown that Pp oly coincides with the class of languages which can b e reco

gnized by a nonuniform family of p olynomialsize circuits

The denition of multiprover interactive pro of systems rst app eared in BenOr et al

BGKW and Babai et al BFL

Denition Let p bea polynomial and V bea probabilistic polynomial time machine

Thereisamultiprover interactive ie MIP protocol for a language Lifforeveryn there

n

areprovers P P k pn such that for every x

k

L ProbP P make V accept x

k

x L P P ProbP P make V accept

k k

where the set of provers P P are machines of unlimitedcomputational power which

k

share the input tape with V and V shares a separate communication tapewitheach prover

P

i

The class of languages accepted by an MIP proto col is denoted MIP and the class of

languages with an IP proto col where k intheabove denition is denoted IPWe

denote by MIPC and IPC the resp ective language classes where the pro ver complexityis

b ounded byFPC

We shall also use in this pap er Schonings notion of robust probabilistic machines Sch

which coincides with the probabilistic oracle machine characterization of MIP in FRS

The notion of robust deterministic machines was earlier intro duced bySchoning in the

deterministic setting Sch and is further studied in Ko

Denition Sch Ko A language L is in P Aifthere exist a deterministic

help

oracle Turing machine M and a polynomial p such that the fol lowing robustness and helping

properties hold

for every oracle B LM BL robustness

A

for al l inputs x L M x halts in pjxj steps onesidedhelping

P C denotes the class of languages L such that L P A for some set A C

help help

Denition FRSSch A language L is in BPP Aifthere exists a pro

help

babilistic polynomial time oracle Turing machine M such that the fol lowing probabilistic

helping and robustness properties hold

A

for al l inputs x L ProbM x onesidedhelping

B

for al l inputs x L and al l oracles B ProbM x robustness

For other standard denitions used in the pap er we refer the reader to a standard b o ok on

structural complexity theory BDG

The next theorem states that BPP exactly characterizes MIP where the comple

help

xity of the helping oracle corresp onds to the prover complexity in the MIP mo del

Theorem FRS For al l sets A BPP A MIPA

help

The following prop osition shows that interestinglyforany complexity class C b oth

C

C and BPP have the same helping p ower Moreover the classes IP and MIP are closed

under application of the BP op erator

Prop osition For every class C

C

BP IPC IP BPP IPC

C

BP MIPC MIPBPP MIPC

A have b oth MIP proto cols with provers Lozano and Toran LT proved that if A and

A

in FP then A Pp oly implies that A is lowforMAByatechnical extension of their

pro of we get the following theorem

Theorem MIPPp oly coMIPPp oly is low for MIPPpoly

Corollary If coNP MIPPp olythenPH MIPPp oly

Pro of Assume that coNP MIPPp oly Since NP is contained in P NP

help

Ko and since MIPPp oly Pp oly it follows that NP P NP MIPNP

help

MIPPp oly By Theorem this implies the collapse of PH to MIPPp oly

An interesting op en question is whether coNP is contained in MIPPH A p ositive

answer would imply that the assumption of Corollary could b e weakened to NP

Pp oly The b est known upp er b ound for the prover complexity in the case of coNP

languages is P ie coNP MIPP Since coNP BP PVaVaTo this

follows by combining the result of Babai and Fortnow BF that P IPP with the

ab ove Prop osition Moreover together with the result of Lund et al LFKN that

PP

P IPPP we get the following corollary

Corollary

P

IPP MIPP BPP

PP

IPPP MIPPP BPP

As shown in LT the graph isomorphism problem GI is low for MA if it is contained

in Pp oly This follows from the result of Lozano and Toran mentioned ab ove and the

fact GMWSchn that GI and its complement are b oth contained in IPGI Using

Theorem we get the following improvement

Corollary If GI is containedin Pp oly then GI is low for MIPPp oly

Finallywe observe that MIPGI IP GI In general if b oth L and L haveanIPL

proto col then every MIPL proto col can b e simulated byanIPL proto col in the following

way substitute every query to one of the provers by a query to the single prover and

dep ending on the answer a simulation of the IP proto col of either L or of L to verify

that the answer of the prover is correct

L areinIPLthenMIPL IPL Theorem If L and

Notice that the assumption of the ab ove theorem implies that L is checkable in the

sense of BK meaning that L and L are in MIPL

Few exp onential time computations and MIP proto cols

Although it is known that MIP NEXP BFL it is op en whether provers of complexity

NEXP are sucient Following the pro of of MIP NEXP it app ears that all the honest

provers must have access to the same tableau of an NEXP machine For the cost of

NP

disambiguating down to one consistent tableau the provers need EXP computational

power so that the provers can compute bit by bit a lexicographically rst tableau for the

NEXP language b eing veried BFL

In this section we prove as the main result that if wehaveaFewEXP language A

then the complexity of honest provers in the MIP proto col of Babai et al BFL can b e

FewEXP

b ounded byNP In the pro of we use the notion of branchpoints

Denition Let T bethecomputation tree of a nondeterministic Turing machine M

on some input xAnode t in T is cal leda branchpoint if thereareaccepting computations

along both descendants of t

The idea for the provers to access a consisten t tableau is as follows Every accepting

computation w on some input x LM is uniquely determined by the nondeterministic

choices at the branch p oints In fact it suces to know the levels of the branchpoints

together with the nondeterministic choices Therefore every accepting path going through k

branchpoints at levels i i can b e succinctly describ ed by the list hi i b b i

k k k

where b is the nondeterministic choice at level i This idea is made precise by the following

j j

lemma

Lemma For every FewEXP machine M there exists a function f computable in

FewEXP

FPNP which for every x LM computes a tuple hi i b b isuch

k k

that there exists exactly one accepting path of M on input x that has bit b at position i

j j

for j k

Pro of For x LM we dene f x as the lexicographically smallest string

hi i b b i such that there is exactly one accepting path of M on input x which

k k

branches at level i according to bit b forj k For x LM welet f x

j j

undened

pjxj

Since the numb er of accepting paths on input x LM is at most for some

p olynomial p there exists an accepting path w w w w that go es through at most

r

i b e the resp ectivelevels of the branch p oints on pjxj many branchpoints Let i

k

w i is of p olynomial length in jxj and uniquely w Then the tuple hi i w

i k i

k

describ es w This shows that the length of f x is p olynomially b ounded in jxjTo show

FewEXP

that f is in FPNP consider the language B dened as

B fhx i i b b ijk pjxj and there exists exactly one accep

k k

ting path of M on input x that has bit b at level i forj kg

j j

FewEXP

hine it is immediate that B P Thus Using the fact that M is a FewEXP mac

for an input string x f x can b e computed by prex searchby querying an appropriate

FewEXP

prex version of the language B whichisinNP

Lemma Let M beaFewEXP machine Then for every x LM anaccepting path

of M on input x can becomputedinexponential time with a FewEXP oracle whereall

oracle queries are of length polynomial in jxj

Pro of Consider the function f in Lemma For every x LM f x is a tuple that

uniquely identies one accepting computation path of M on input x Once the value of

f x is computed every bit of the path can b e determined by a single query of p olynomial

length to the FewEXP language

T fhx i i b b i b ijk pjxj and there is an accepting

k k i

path for M x with bits b b at levels i i and with the bit

k k

at level i as b g

i

FewEXP

Since f is in FPNP it is computable in exp onential time with a FewEXP oracle

where all queries are of p olynomial length

FewEXP

Theorem FewEXP MIPNP

Pro of The pro of uses the fact shown in BFL that any NEXP language B has a

multiprover proto col with prover complexity b ounded by EXP provided that for a given

input x B all honest provers have access to the same tableau of an accepting computation

of the underlying NEXP machine on input xLetA b e a language in FewEXP accepted bya

FewEXP machine M By Lemma the honest provers can compute the description f x

FewEXP

of an accepting path w in p olynomial time by asking a suitable NP oracle Having

x

computed f x they can generate the same answers as the honest provers in the BFL

proto col in p olynomial time by feeding a suitable FewEXP oracle F with the description

f x as part of the queries The FewEXP machine accepting F uses the description f x

to guess the corresp onding accepting path of M on input x and then simulates the honest

provers of the BFLproto col

Corollary

If FewEXP EXPpoly then FewEXP EXP

If FewEXP Ppoly then FewEXP MA MIPPp oly

Pro of By Lemma an accepting path of a FewEXP machine M can b e computed

FewEXP

in EXP where all queries are of p olynomial length Thus if FewEXP EXPpoly

then an accepting path can b e found and veried in EXP by cycling through all advice

strings of p olynomial length This pro ofs

If FewEXP Pp oly then bypartFewEXP EXP and hence it follows by

Corollary BFL that FewEXP MA MIPPp oly

Using the following prop osition containmentofany of the classes PP PSPACE EXP

and FewEXP in MA or MIPPp oly actually implies lowness of the class for MA re

sp ectively MIPPp oly

Prop osition For every class K containing coNP ifK is containedinMA or

MIPPp oly then K is also low for MA respectively MIPPpoly

Pro of Assume that KMA Since coNP AM implies PH AM BHZ and since

p

K MA

coNP MA implies MA it follows that MA MA PH MA

If KMIPPp oly the lowness of K for MIPPpoly follows from Corollary bya

similar argumentasabove

MIP proto cols with small circuits as provers

As already mentioned in the intro duction this section is motivated by Corollary which

gives a collapse of any class KfPSPACE PP EXPg to MA under the assumption that

KPp oly In fact the collapse is actually to the p ossibly smaller class MIPPpoly

Naturally one is led to investigate the complexity of this new class MIPPp oly Werecall

the following prop osition

Prop osition BPP MIPPpoly Ppoly

Next we give an argument showing that it is unlikely that MIPPp oly coincides with

BPP

Theorem All sparse sets in NP arecontainedinP Ppoly

help

Pro of Let S b e a sparse set in NP Then we can construct a deterministic robust machine

M that uses the oracle to p erform a prex search for a witness of the given input xIfa

witness is found then M accepts Otherwise M starts an exhaustive search It is easy to

S see that there exists an oracle in Pp oly helping the computation of M on all inputs x

Since P Ppoly is contained in MIPPp oly the existence of sparse sets in

help

NP n BPP implies that BPP is a prop er sub class of MIPPp oly Using the wellknown

downward separation technique of Bo ok Bowe get the following corollary

Corollary MIPPpoly is not containedin BPP unless NE is a subclass of BPE

p p

This extends the lowness for Next we show that MIPPp oly is actually lowfor

of P Pp oly Ko and of BPP Sip ZHSch The pro of is by an application

help

of universal hash functions

p m

A linear hash function h from to is given by a Bo olean m pmatrix a and

ij

L

p

p

maps any string x x x to some string y y y where y a x

p m i ij j

j

p m

A family H fh h g of linear hash functions from to is said to hash aset

s

p m

X if every x X can b e mapp ed to by some hash function h H whichavoids

k

collisions b etween x and other strings in X

x X k k s y X x y h x h y

k k

We state the actual form of the hashing lemmas required b efore we pro ceed to the pro of

of Theorem The rst two of these lemmas are from Sipser Sip The third is from

GavaldaGav and extends Sipsers second lemma to exp onentially many sets

p p k

Lemma Let A such that there exists a hash family H fh h g

s

k

that hashes A Then A s

p k

Lemma Let A such that jAj Then there exists a hash family H

p k

fh h g that hashes A

k

p k l

Lemma Let A A A such that jA j for every i i Then

l

i

p k

there exists a hash family H fh h g that hashes each A

i

k l

p

MIPPpoly is low for Theorem

Pro of Let A MIPPp oly Then by denition there is a multiprover interactive

proto col we can assume that it is a twoprover proto col BFL Since A MIPPpoly

the honest provers for A are in FPp oly and hence there is a p olynomial p such that for

pm

every length m there is a corresp onding advice string c enco ding the p olynomial

m

size circuits for b oth provers at length m

Wesay that V y w c accepts if on input y the provers corresp onding to the circuits

enco ded by c make V accept on path w Then the ab ove proto col can b e rewritten after

amplifying the error probabilityas

jy j

y A ProbV y w c accepts

jy j

pjy j jy j

y A c ProbV y w c accepts

sjy j

where w is chosen uniformly at random from for a suitable p olynomial s

sjy j

For each instance y and each c let Accy cRej y c denote the set of w

such that V y w c accepts resp ectively rejects Then wehave for all y of length m

smm

if y A then for the correct advice c jRej y c j

m m

smm

if y A then for any advice c jAccy cj

Let k m sm m and l m m pm Wesay that an advice string c of length

sm k m

pm and a hash family H fh h g are go o d for length

k mlm

m if the following coNP predicate holds

m pm

For all y and c H hashes Rej y cor Accy c

m mp

many sets of car Claim For m large enough it holds that for every col lection of

smm sm

dinality at most there exists a hash family H fh h g

k mlm

k m

that simultaneously hashes al l sets in the col lection but no such hash family can hash

sm smm

a set of cardinality

Proof of Claim The rst part follows immediately from Lemma Toprove the second

part assume to the contrary that there exist arbitrary large m such that some hash family

sm k m sm smm

H fh h g hashes a set of cardinality

k mlm

By Lemma it follows that

sm smm k m smm

k ml m k ml m

m

implying that k ml m for arbitrary large m a contradiction

Proof of Claim

Thus for every length m there exists a go o d pair c H and for every such pair it holds

H hashes Accy ci y A i H do es not hash Rej y c As that for all y of length m

a consequence there is a nondeterministic p olynomial time Turing machine M that on

input hy c H i where c H are go o d for length jy j strongly in the sense of Lo decides

memb ership of y in A

input hy c H i

sjy j

guess w w

if w w witness that H do es not hash Accy c then accept

if w w witness that H do es not hash Rej y c then reject

halt in dont know state

p

Now let M be a oracle machine with oracle A accepting some language L We

p

machine M for LWe rst note that on input x the size of the describ e an equivalent

A

queries that M asks is b ounded ab oveby r jxj for some p olynomial r Now our strategy

p

A

to simulate M xbya computation is as follows

First the new machine M x guesses the correct advice strings c for all lengths

m

up to r jxj with which the provers can b e replaced Then it guesses p olynomial

size hash families H m r jxj and veries that all the pairs c H

m m m

A

are go o d Then machine M x simulates M x using the pairs c H to

m m

answer oracle queries y of length mbysimulating the strong computation of

the machine M on input hy c H i

m m

This completes the pro of

Nowwe show that sets of very low information contentarepowerless as provers This

extends the workofKoinKo where he proved that certain oracles do not help the

computation of deterministic robust oracle Turing machines In particular he showed that

oracles in LOGINF do not help deterministic robust oracle machines where LOGINF is

a class that contains all log sparse sets and all sets in strongPlog

Denition Ko

A set A is in strongPlog if there exist a set B P andaconstant c such that for al l n

there exists a string w jw j c log n such that for al l x jxj n x A hx w i B

A language L is in log sparse if there exists a constant k such that for al l n it holds

n

that jL fx j n jxj gj k

The class strongPlog which is a restriction of Pl og in that there exists one advice of

length O log n for all strings of length up to n rather than for all strings of length exactly

n is closed under Turing reductions Weshow that if the provers are restricted to b e Turing

reducible to strongPlog or to log sparse then the accepted languages are in BPP The

pro of idea is to cycle through all oracle answer sequences which can p ossibly b e generated by

oracles of this typ e Since the verier is probabilistic we rst x the random choices of the

computation after amplifying the probability In the case of oracles in strongPlog the

simulating verier accepts if an oracle answer sequence leading to an accepting computation

is found However in the case of log sparse oracles the numb er of oracles that contribute

to the acceptance probability of the input string could b e exp onentially large Thus in

order to avoid that strings not in the language are accepted the simulating verier has

to p erform an additional test verifying that the induced oracle indeed leads to acceptance

with high probability

Theorem MIPstrongPlog BPP

Pro of The basic idea is to cycle through all p ossible advice strings to nd a helping

oracle Assume L BPP A for a strongPlog set A and a BPP machine M

help help

whose running time is b ounded by some p olynomial p and which has an exp onentially small

n

P and c b e a constant witnessing that A strongPlog error probability Let B

Now consider the following pro cedure

input x jxj n

guess randomly random steps for a computation of M

for all w jw j c log pn

simulate the computation of M where every oracle query z is answered

according to hz wi B

if M accepts then accept

reject

Intuitively sp eaking the ab ove pro cedure considers only p olynomially many oracles and

at least one will b e the helping oracle A Therefore if x L the probability that the

pro cedure accepts is larger than If x L this probability is smaller than

c log pn

for n large enough

Theorem Let A bea log sparse set then MIPA BPP

Pro of Assume L BPP A for some log sparse set A and a BPP machine

help help

M which is time b ounded by some p olynomial p and has an exp onentially small error

L

pn

probability For every nlet b e divided into parts A rst part contains all strings

of length smaller than log log n and the second part all strings x log log n jxj pn

Then the rst part contains at most log n many elements and the numb er of strings in

the other part that are in A is b ounded by some constant k Now consider the following

machine M for v v v v denotes the bit v where y is the ith string in lexicographic

m y i

order

input x jxj n

guess randomly random steps for a computation of M

L

for all v jv j log n

for all w jw j pnandjfi j w gj k

i

simulate M and use the pair v w to answer the oracle queries if

L

y is the ith query and jy j log log n answer yes i v If

y

jy j log log n then answer yes i w Let fy y g be the

i q

p ositive queries

if M accepts then

L

k

additional computations of M and accept guess randomly

L

k

if at least one of the computations accepts where the set Y

fy y g fy jjy j log log n and v g is used as oracle

q y

reject

Assume x L jxj n Then the probability that M accepts x with oracle A is

L

larger than Weshow that M accepts with probability larger than The

k

accepting computations of M can b e divided into d sets S dep ending on the p ositive

L i

queries of length at least log log n and smaller than pn Let p b e the probability that a

i

randomly guessed path is in the set S and let I fi j p dgIfwe consider only

i i

sets S where i I then the probability that a path is not in S is smaller than d

i i

k

Therefore the probability that all d paths guessed by M are not in S is smaller

i

P

than Since p the sum of the probabilities that the rst computation

i

iI

k

is in the same set S as at least one of the additional computations is larger than

i

P

p

i

iI

Now assume that x L then the probability that M accepts x is smaller than for

L

k

every oracle Therefore the probabilitythatforany xed set Y one of the randomly

k

guessed computation paths accepts is smaller than Since for every initially

guessed computation of M in the ab ove pro cedure we sum up the probability to accept

L

k

of n k n strings vwwe get that for every such initial computation the probabilityis

k

k

smaller than n k n for n large enough

Corollary Let A bealog sparse set or a set in strongPlog

A

NP BPP implies PH BPP

A

Let KfPP PSPACE EXPg then KBPP implies K BPP

Acknowledgments The authors thank UweSchoning for useful discussions

References

Bab L Babai Trading group theory for randomness th ACM Symp Theory of

Computing

BM L Babai and S Moran ArthurMerlin games a randomized pro of system and a

hierarchyofcomplexity classes Journal of Computer and System Sciences

BGKW M BenOr S Goldwasser J Kilian A Wigderson Multiprover interactive

pro ofs How to remove the intractability assumptions Proc th Ann ACM Symposium

Theory of Computing

BF L Babai L Fortnow Arithmetization A new metho d in structural complexity

Computational Complexity

woprover BFL L Babai L Fortnow C Lund Nondeterministic exp onential time has t

interactive proto cols Computational Complexity

BDG JL Balcazar J Daz and J Gabarro Structural Complexity IIIEATCS Mono

graphs on Theoretical Computer Science Springer Verlag

BK M Blum S Kannan Designing programs that check their work Proc st ACM

Symposium on Theory of Computing

Bo R Bo ok Tally languages and complexity classes Information and Control

BHZ RB Boppana J Hastad and S Zachos Do es coNP have short interactive

pro ofs Information Processing Letters

BH H Buhrman S Homer Sup erp olynomial circuits almost sparse oracles and the

exp onential hierarchy Proc th Foundations of SoftwareTechnology and Theoretical

Computer Science

Co o SA Co ok The complexity of theorem proving pro cedures Proc rdAnn ACM

Symposium Theory of Computing

Fe PFeldman The optimal prover lives in PSPACE manuscript

FRS L Fortnow J Romp el and M Sipser On the p ower of multiprover interactive

proto cols Proc rd Conference on Structure in Complexity Theory

FS L Fortnow and M Sipser Are there interactive proto cols for coNP languages

Information Processing Letters

Gav R Gavalda Bounding the complexity of advice functions Proc th Structurein

Complexity Theory Conference IEEE Computer So ciety Press

GMW O Goldreich S Micali and A Wigderson Pro ofs that yield nothing but their

validity and a metho dology of cryptographic proto col design In Proceedings of the th

Symposium on Foundations of Computer Science

GMR S Goldwasser S Micali C Racko The knowledge complexityofinteractive

pro of systems SIAM Journal on Computing

GS S Goldwasser M Sipser Private coins versus public coins in interactive pro of

systems In S Micali ed Randomness and CompuationVol of Advances in

Computing Research JAI Press

Hel H Heller On relativized exp onential and probabilistic complexity classes Infor

mation and Control

Hem L Hemachandra The strong exp onential hierarchy collapses Journal of Compu

ter and System Sciences

KL RM Karp and RJ Lipton Some connections b etween nonuniform and uniform

y classes In Proc th ACM Symposium Theory of Computer Science complexit

Ko KI Ko On helping by robust oracle machines Theoretical Computer Science

Lo TJ Long Strong nondeterministic p olynomialtime reducibili ties Theoretical

Computer Science

LT A Lozano J Toran On the nonuniform complexity of the graph isomorphism

problem In Complexity Theory Current ResearchCambridge University Press

LFKN C Lund L Fortnow H Karlo N Nisan Algebraic metho ds for interactive

pro of systems Journal of ACM

Schn C PSchnorr Optimal algorithms for selfreducible problems In rd Int Col loq

Automata Languages and Programming Edinburgh University Press

Sch U Schoning Robust algorithms a dierent approach to oracles Theoretical

Computer Science

Sch U Schoning Robust oracle machines Proc th Mathematical Foundations of

Computer Science

Sch U Schoning Probabilistic complexity classes and lowness Journal of Computer

and System Sciences

Sh A Shamir IPPSPACE Journal of ACM

Sip M Sipser A complexity theory approach to randomness Proc th ACM Sym

posium Theory of Computing

To S To da PP is as hard as the p olynomialtime hierarchy SIAM Journal on Com

puting

VaVa LG Valiant and VV Vazirani NP is as easy as detecting unique solutions

Theoretical Computer Science

ZH S Zachos H Heller A decisivecharacterization of BPP Information and Control