# 1 Formulating The Low Degree Testing Problem

Save this PDF as:

Size: px
Start display at page:

## Transcription

1 6.895 PCP and Hardness of Approximation MIT, Fall 2010 Lecture 5: Linearity Testing Lecturer: Dana Moshkovitz Scribe: Gregory Minton and Dana Moshkovitz In the last lecture, we proved a weak PCP Theorem, namely, NP P CP 1,0.99 [O(log n), polylog(n)], under the low degree testing assumption, i.e., the assumption that given the table of a function f : F m F, a degree d and access to an auxiliary proof, a probabilistic verifier can test whether f corresponds to a polynomial of degree at most d using a poly-logarithmic number of queries. In this lecture we discuss what should be the exact formulation of the low degree testing assumption. Then we prove this formulation for the special case of d = 1 and F = GF (2). This is the Blum-Luby-Rubinfeld linearity test. In the next lecture we deal with the harder case of general degree d and field F. 1 Formulating The Low Degree Testing Problem Can a local algorithm distinguish polynomials of degree at most d from functions that are not polynomials of degree at most d? The answer to this question is no. For let p be a polynomial of degree at most d, and let p be the function { p p(x) if x x0 (x) = p(x 0 ) + 1 if x = x 0. The function p p is not the zero function, but it has a root everywhere except one point. Because a nonzero polynomials of degree at most d have roots in at most d/ F fraction of the space, we deduce that p p, and so p, cannot be polynomials of degree at most d. Thus a verifier which purports to test for low degree polynomials should pass p but fail p. But of course the probability that any verifier can distinguish p and p is bounded above by the probability that it queries location x 0! If the verifier makes few queries, and we choose x 0 appropriately, then this probability can be made quite small. (To be more precise, if the proof has length l and the verifier makes q queries, then there exists some x 0 for which the probability that the verifier queries x 0 is q/l. We are interested in verifiers in which the proof length grows faster than the number of queries, so this is o(1).) With this in mind, we cannot hope for an exact test of low degree polynomials. What we ask for instead is testing whether the function is close to a low degree polynomial in Hamming distance. Definition 1 (Far/close to low degree). We say that a function f : F m F is δ-far from degree d if for any m-variate polynomial p of degree at most d over F, we have (f, p) δ where we view f and p as vectors (so (f, p) = Pr x F m [f(x) p(x)]). We say that f is δ-close to degree d, if there exists an m-variate polynomial p of degree at most d over F, such that (f, p) δ. 1

2 2 Note that, by definition, if we query a function that is (1 γ)-close to a low degree polynomial on a uniformly random point, then with probability at least (1 γ) we get the same answer as if we queried the low degree polynomial. We will use this observation (as well as additional ideas) to argue that the low degree testing assumption we formulate suffices to prove the weak PCP Theorem. Assumption 1.1 (Low Degree Testing). There are constants δ, γ, γ > 0, such that given the table of a function f : F m F and a degree d δ F, there is a probabilistic verifier for the statement deg f d. The verifier is given access to f and to an auxiliary proof and satisfies the following: Completeness: If deg f d, then there is a proof that the verifier always accepts. Soundness: If f is γ-far from degree d, then for any proof, the verifier rejects with probability at least γ. The verifier uses O(log( F m )) random bits. It makes only F O(1) queries to f. Put differently, the soundness condition says that if, for some auxiliary proof, the verifier accepts with probability more than 1 γ, then there is a polynomial p of degree at most d that agrees with f on 1 γ fraction of the points in F m. 2 Linear Functions In this lecture we consider the case of d = 1, F = GF (2). That is, given a function f : {0, 1} n {0, 1}, we want to test (with high probability) whether f is (close to) a linear function. This special case is not sufficient for proving the PCP Theorem, but it is simpler and its ideas important. We first define what we mean by a linear function. Two different definitions come to mind, so let us show that they are equivalent. Definition. A function f : {0, 1} n {0, 1} is linear if for all x, y {0, 1} n, f(x) + f(y) = f(x + y). Claim. A function f : {0, 1} n {0, 1} is linear iff there exists a vector a = (a 1,..., a n ) {0, 1} n such that f(x) = n i=1 a ix i = a, x. (As we are working in GF (2), addition is of course taken modulo 2.) Proof. The ( ) direction is clear. For the ( ) direction, let {e 1,..., e n } be the standard basis, i.e. e i = (0,..., 0, 1, 0,..., 0), } {{ } 1 in position i and define a i = f(e i ). Then the stated formula follows by linearity. Note that the functions we are calling linear are not affine functions y = ax + b; we require that the constant term be zero.

3 3 The Blum-Luby-Rubinfeld Linearity Test 3 The test we show does not use an auxiliary proof; it only makes queries to f. In this case, the tester has to make at least three queries, as there exist functions f which are far from linear but which have the property that for any two points x, y, there exists a linear function g such that f(x) = g(x) and f(y) = g(y). We will show that three queries suffices, by studying the properties of the following simple test. BLR Test (Blum, Luby, Rubinfeld). Choose uniformly random points x, y {0, 1} n. Test if f(x) + f(y) = f(x + y). This algorithm uses 2n random bits. It makes q = 3 queries. The completeness of this test is 1, because obviously a linear function passes with probability 1. Analyzing the soundness is the interesting part; the answer is given by the following theorem. Theorem (Soundness of BLR). If f is δ-far from linear, then ( 2 Pr[BLR test rejects f] min 9, δ ) 2 Before proving this theorem, we make some remarks. 2δ 9. This result is not tight, as we can prove via Fourier analysis that Pr[rejection] δ. (We will return to this later in the course.) And even that result is not tight in the low order terms! The definition of linearity generalizes to any group G; in the setting of group theory such a map is known as a homomorphism. In fact, the BLR test generalizes to testing homomorphisms on groups. In this setting, the soundness theorem above is tight. For instance, define f : (Z/9) n Z/9 by f(u) = 3k if u 1 {3k 1, 3k, 3k + 1}. (That is, f rounds the first coordinate to the nearest multiple of 3.) This is not linear; one can check that f is (2/3)-far from linear. Hence the soundness theorem tells us that BLR should reject f with probability at least 2/9. In fact, that is exactly the rejection probability, because f(x) + f(y) f(x + y) x 1 y 1 1 mod 3 or x 1 y 1 1 mod 3. 4 Analysis of the Linearity Test The rest of this lecture is devoted to proving the soundness theorem. 4.1 Majority Correction The proof uses the useful idea of majority correction. Fix a function f : {0, 1} n {0, 1} and a point x {0, 1} n. If f is linear, then for any y {0, 1} n we have f(x) = f(y) + f(x y). Thus we may think of each of the 2 n values of y as offering the vote f(y) + f(x y) for f(x). As there are only two possible values for f(x), 0 and 1, one of them must get a majority of the votes. We define a function g by setting g(x) to be the value that receives the most votes.

4 More formally, g : {0, 1} n {0, 1} is defined by 4 { 1 if Pry [f(y) + f(x y) = 1] 1/2 g(x) = 0 otherwise. (We have chosen to always break a tie with the value 1; this was arbitrary, and it will turn out that the definition of g(x) in the case Pr y [f(y) + f(x y) = 1] = 1/2 is unimportant.) It will be useful later to define the probabilities By definition of g(x), P x 1/2 for all x. 4.2 Majority Correction Works P x = Pr y [g(x) = f(y) + f(x y)]. We will obtain the soundness theorem by proving three claims relating properties of the BLR test to the function g. Claim. Pr[BLR rejects f] 1 2 dist(g, f). Proof. Conditioning on whether g(x) = f(x) or not, we have Pr[rejection] = Pr[g(x) f(x)] Pr[rejection g(x) f(x)] + Pr[g(x) = f(x)] Pr[rejection g(x) = f(x)]. We get a lower bound on Pr[rejection] by ignoring the second term. In the first term, notice that Pr[g(x) f(x)] = dist(g, f) by definition of the distance. By definition of g, if g(x) f(x) then f(x) = f(y) + f(x y) for 1 P x 1/2 of the possible values of y. But because we are working over the binary field (so addition and subtraction are the same), the equation f(x) = f(y)+f(x y) is equivalent to the BLR test f(x+y) = f(x)+f(y). Hence, given g(x) f(x), the BLR test fails with probability at least 1/2. Putting this together, Pr[rejection] 1 2 dist(g, f), as desired. Claim. If Pr[BLR rejects f] < 2 9, then for all x we have P x > 2 3. Proof. Fix x. We compute A = Pr y,z [f(y) + f(x + y) = f(z) + f(x + z)] in two different ways. First, notice that f(y) + f(x + y) equals g(x) with probability P x, and the same is true of f(z) + f(x + z). Using independence of y and z, the probability that both expressions are equal to g(x) is P 2 x, and the probability that they are both equal to g(x) + 1 is (1 P x ) 2. Hence A = P 2 x + (1 P x ) 2. We can also bound A using the probability of BLR rejection. First, rewrite the condition f(y) + f(x + y) = f(z) + f(x + z) as f(y) + f(z) = f(x + y) + f(x + z). By definition of the BLR test, f(y) + f(z) equals f(y + z) with probability 1 Pr[BLR rejects f] > 7/9. As y and z are independent and uniformly sampled, the same is true of x + y and x + z, and so the same argument shows that f(x + y) + f(x + z) = f((x + y) + (x + z)) = f(y + z) with probability > 7/9. Thus f(y) + f(z) = f(y + z) = f(x + y) + f(x + z)

5 with probability > 5/9, so certainly A = Pr[f(y) + f(z) = f(x + y) + f(x + z)] > 5/9. Combining the results of the last two paragraphs, we deduce that 5 P 2 x + (1 P x ) 2 > 5/9. This implies either P x < 1/3 or P x > 2/3. Of course the first case is impossible because P x 1/2, so we must have P x > 2/3 as desired. Claim. If Pr[BLR rejects f] < 2 9, then g is linear. Proof. By the previous claim, we must have P x > 2/3 for all x. Now fix x, y and consider choosing z uniformly at random. Then g(x) equals f(z) + f(x + z) with probability larger than 2/3. Similarly, g(y) equals f(z)+f(y +z) with probability larger than 2/3. The same argument says that g(x + y) equals f(z) + f(z + x + y) with probability larger than 2/3; we can of course replace the uniformly sampled value z by z + x, finding that g(x + y) = f(z + x) + f(z + y) with the same probability (more than 2/3). As each of these three conditions holds with probability larger than 2/3, they hold simultaneously with positive probability. That is, there exists at least one z 0 such that all hold. But this shows that g(x) = f(z 0 ) + f(x + z 0 ), g(y) = f(z 0 ) + f(y + z 0 ), and g(x + y) = f(z 0 + x) + f(z 0 + y) g(x) + g(y) = f(z 0 ) + f(x + z 0 ) + f(z 0 ) + f(y + z 0 ) = f(x + z 0 ) + f(y + z 0 ) = g(x + y). This holds for all x, y, so g is linear, as desired. Putting the last few claims together, we immediately get the soundness theorem. Specifically, we find that either Pr[rejection] 2/9, or else g is linear and so Pr[rejection] 1 2 dist(g, f) 1 dist(f, linear). 2 That is exactly what the soundness theorem asserts, so we are done.

### 1 The Line vs Point Test

6.875 PCP and Hardness of Approximation MIT, Fall 2010 Lecture 5: Low Degree Testing Lecturer: Dana Moshkovitz Scribe: Gregory Minton and Dana Moshkovitz Having seen a probabilistic verifier for linearity

### Linearity and Group Homomorphism Testing / Testing Hadamard Codes

Title: Linearity and Group Homomorphism Testing / Testing Hadamard Codes Name: Sofya Raskhodnikova 1, Ronitt Rubinfeld 2 Affil./Addr. 1: Pennsylvania State University Affil./Addr. 2: Keywords: SumOriWork:

### HOMEWORK 5 SOLUTIONS. n!f n (1) lim. ln x n! + xn x. 1 = G n 1 (x). (2) k + 1 n. (n 1)!

Math 7 Fall 205 HOMEWORK 5 SOLUTIONS Problem. 2008 B2 Let F 0 x = ln x. For n 0 and x > 0, let F n+ x = 0 F ntdt. Evaluate n!f n lim n ln n. By directly computing F n x for small n s, we obtain the following

### minimal polyonomial Example

Minimal Polynomials Definition Let α be an element in GF(p e ). We call the monic polynomial of smallest degree which has coefficients in GF(p) and α as a root, the minimal polyonomial of α. Example: We

### 2.1 Complexity Classes

15-859(M): Randomized Algorithms Lecturer: Shuchi Chawla Topic: Complexity classes, Identity checking Date: September 15, 2004 Scribe: Andrew Gilpin 2.1 Complexity Classes In this lecture we will look

### Lecture 4: AC 0 lower bounds and pseudorandomness

Lecture 4: AC 0 lower bounds and pseudorandomness Topics in Complexity Theory and Pseudorandomness (Spring 2013) Rutgers University Swastik Kopparty Scribes: Jason Perry and Brian Garnett In this lecture,

### (67902) Topics in Theory and Complexity Nov 2, 2006. Lecture 7

(67902) Topics in Theory and Complexity Nov 2, 2006 Lecturer: Irit Dinur Lecture 7 Scribe: Rani Lekach 1 Lecture overview This Lecture consists of two parts In the first part we will refresh the definition

### The Mean Value Theorem

The Mean Value Theorem THEOREM (The Extreme Value Theorem): If f is continuous on a closed interval [a, b], then f attains an absolute maximum value f(c) and an absolute minimum value f(d) at some numbers

### Factoring & Primality

Factoring & Primality Lecturer: Dimitris Papadopoulos In this lecture we will discuss the problem of integer factorization and primality testing, two problems that have been the focus of a great amount

### FIRST YEAR CALCULUS. Chapter 7 CONTINUITY. It is a parabola, and we can draw this parabola without lifting our pencil from the paper.

FIRST YEAR CALCULUS WWLCHENW L c WWWL W L Chen, 1982, 2008. 2006. This chapter originates from material used by the author at Imperial College, University of London, between 1981 and 1990. It It is is

### The Epsilon-Delta Limit Definition:

The Epsilon-Delta Limit Definition: A Few Examples Nick Rauh 1. Prove that lim x a x 2 = a 2. (Since we leave a arbitrary, this is the same as showing x 2 is continuous.) Proof: Let > 0. We wish to find

### FACTORING POLYNOMIALS IN THE RING OF FORMAL POWER SERIES OVER Z

FACTORING POLYNOMIALS IN THE RING OF FORMAL POWER SERIES OVER Z DANIEL BIRMAJER, JUAN B GIL, AND MICHAEL WEINER Abstract We consider polynomials with integer coefficients and discuss their factorization

### Modern Algebra Lecture Notes: Rings and fields set 4 (Revision 2)

Modern Algebra Lecture Notes: Rings and fields set 4 (Revision 2) Kevin Broughan University of Waikato, Hamilton, New Zealand May 13, 2010 Remainder and Factor Theorem 15 Definition of factor If f (x)

### A Brief Introduction to Property Testing

A Brief Introduction to Property Testing Oded Goldreich Abstract. This short article provides a brief description of the main issues that underly the study of property testing. It is meant to serve as

### 10.3 POWER METHOD FOR APPROXIMATING EIGENVALUES

58 CHAPTER NUMERICAL METHODS. POWER METHOD FOR APPROXIMATING EIGENVALUES In Chapter 7 you saw that the eigenvalues of an n n matrix A are obtained by solving its characteristic equation n c nn c nn...

### Influences in low-degree polynomials

Influences in low-degree polynomials Artūrs Bačkurs December 12, 2012 1 Introduction In 3] it is conjectured that every bounded real polynomial has a highly influential variable The conjecture is known

### Notes 11: List Decoding Folded Reed-Solomon Codes

Introduction to Coding Theory CMU: Spring 2010 Notes 11: List Decoding Folded Reed-Solomon Codes April 2010 Lecturer: Venkatesan Guruswami Scribe: Venkatesan Guruswami At the end of the previous notes,

### Testing Low-Degree Polynomials over

Testing Low-Degree Polynomials over Noga Alon, Tali Kaufman, Michael Krivelevich, Simon Litsyn, and Dana Ron Department of Mathematics, Tel Aviv University, Tel Aviv 69978, Israel and Institute for Advanced

### Applied Algorithm Design Lecture 5

Applied Algorithm Design Lecture 5 Pietro Michiardi Eurecom Pietro Michiardi (Eurecom) Applied Algorithm Design Lecture 5 1 / 86 Approximation Algorithms Pietro Michiardi (Eurecom) Applied Algorithm Design

### Prime Numbers and Irreducible Polynomials

Prime Numbers and Irreducible Polynomials M. Ram Murty The similarity between prime numbers and irreducible polynomials has been a dominant theme in the development of number theory and algebraic geometry.

### Lecture 15 An Arithmetic Circuit Lowerbound and Flows in Graphs

CSE599s: Extremal Combinatorics November 21, 2011 Lecture 15 An Arithmetic Circuit Lowerbound and Flows in Graphs Lecturer: Anup Rao 1 An Arithmetic Circuit Lower Bound An arithmetic circuit is just like

### Linear Codes. Chapter 3. 3.1 Basics

Chapter 3 Linear Codes In order to define codes that we can encode and decode efficiently, we add more structure to the codespace. We shall be mainly interested in linear codes. A linear code of length

### H/wk 13, Solutions to selected problems

H/wk 13, Solutions to selected problems Ch. 4.1, Problem 5 (a) Find the number of roots of x x in Z 4, Z Z, any integral domain, Z 6. (b) Find a commutative ring in which x x has infinitely many roots.

### MOP 2007 Black Group Integer Polynomials Yufei Zhao. Integer Polynomials. June 29, 2007 Yufei Zhao yufeiz@mit.edu

Integer Polynomials June 9, 007 Yufei Zhao yufeiz@mit.edu We will use Z[x] to denote the ring of polynomials with integer coefficients. We begin by summarizing some of the common approaches used in dealing

### Algorithmic and Analysis Techniques in Property Testing

Algorithmic and Analysis Techniques in Property Testing Dana Ron School of EE Tel-Aviv University Ramat Aviv, Israel danar@eng.tau.ac.il Abstract Property testing algorithms are ultra -efficient algorithms

### Chapter 4, Arithmetic in F [x] Polynomial arithmetic and the division algorithm.

Chapter 4, Arithmetic in F [x] Polynomial arithmetic and the division algorithm. We begin by defining the ring of polynomials with coefficients in a ring R. After some preliminary results, we specialize

### Practice with Proofs

Practice with Proofs October 6, 2014 Recall the following Definition 0.1. A function f is increasing if for every x, y in the domain of f, x < y = f(x) < f(y) 1. Prove that h(x) = x 3 is increasing, using

### it is easy to see that α = a

21. Polynomial rings Let us now turn out attention to determining the prime elements of a polynomial ring, where the coefficient ring is a field. We already know that such a polynomial ring is a UF. Therefore

### Zeros of Polynomial Functions

Zeros of Polynomial Functions The Rational Zero Theorem If f (x) = a n x n + a n-1 x n-1 + + a 1 x + a 0 has integer coefficients and p/q (where p/q is reduced) is a rational zero, then p is a factor of

### The Division Algorithm for Polynomials Handout Monday March 5, 2012

The Division Algorithm for Polynomials Handout Monday March 5, 0 Let F be a field (such as R, Q, C, or F p for some prime p. This will allow us to divide by any nonzero scalar. (For some of the following,

### Continued Fractions and the Euclidean Algorithm

Continued Fractions and the Euclidean Algorithm Lecture notes prepared for MATH 326, Spring 997 Department of Mathematics and Statistics University at Albany William F Hammond Table of Contents Introduction

### Lecture 10: Distinct Degree Factoring

CS681 Computational Number Theory Lecture 10: Distinct Degree Factoring Instructor: Piyush P Kurur Scribe: Ramprasad Saptharishi Overview Last class we left of with a glimpse into distant degree factorization.

### Lecture 3: Finding integer solutions to systems of linear equations

Lecture 3: Finding integer solutions to systems of linear equations Algorithmic Number Theory (Fall 2014) Rutgers University Swastik Kopparty Scribe: Abhishek Bhrushundi 1 Overview The goal of this lecture

### I. GROUPS: BASIC DEFINITIONS AND EXAMPLES

I GROUPS: BASIC DEFINITIONS AND EXAMPLES Definition 1: An operation on a set G is a function : G G G Definition 2: A group is a set G which is equipped with an operation and a special element e G, called

### Lectures 5-6: Taylor Series

Math 1d Instructor: Padraic Bartlett Lectures 5-: Taylor Series Weeks 5- Caltech 213 1 Taylor Polynomials and Series As we saw in week 4, power series are remarkably nice objects to work with. In particular,

### Lecture 1: Course overview, circuits, and formulas

Lecture 1: Course overview, circuits, and formulas Topics in Complexity Theory and Pseudorandomness (Spring 2013) Rutgers University Swastik Kopparty Scribes: John Kim, Ben Lund 1 Course Information Swastik

### 7. Some irreducible polynomials

7. Some irreducible polynomials 7.1 Irreducibles over a finite field 7.2 Worked examples Linear factors x α of a polynomial P (x) with coefficients in a field k correspond precisely to roots α k [1] of

### The finite field with 2 elements The simplest finite field is

The finite field with 2 elements The simplest finite field is GF (2) = F 2 = {0, 1} = Z/2 It has addition and multiplication + and defined to be 0 + 0 = 0 0 + 1 = 1 1 + 0 = 1 1 + 1 = 0 0 0 = 0 0 1 = 0

### Homework # 3 Solutions

Homework # 3 Solutions February, 200 Solution (2.3.5). Noting that and ( + 3 x) x 8 = + 3 x) by Equation (2.3.) x 8 x 8 = + 3 8 by Equations (2.3.7) and (2.3.0) =3 x 8 6x2 + x 3 ) = 2 + 6x 2 + x 3 x 8

### Revised Version of Chapter 23. We learned long ago how to solve linear congruences. ax c (mod m)

Chapter 23 Squares Modulo p Revised Version of Chapter 23 We learned long ago how to solve linear congruences ax c (mod m) (see Chapter 8). It s now time to take the plunge and move on to quadratic equations.

### Factorization Algorithms for Polynomials over Finite Fields

Degree Project Factorization Algorithms for Polynomials over Finite Fields Sajid Hanif, Muhammad Imran 2011-05-03 Subject: Mathematics Level: Master Course code: 4MA11E Abstract Integer factorization is

### 15. Symmetric polynomials

15. Symmetric polynomials 15.1 The theorem 15.2 First examples 15.3 A variant: discriminants 1. The theorem Let S n be the group of permutations of {1,, n}, also called the symmetric group on n things.

### On the Unique Games Conjecture

On the Unique Games Conjecture Antonios Angelakis National Technical University of Athens June 16, 2015 Antonios Angelakis (NTUA) Theory of Computation June 16, 2015 1 / 20 Overview 1 Introduction 2 Preliminary

### Factoring Cubic Polynomials

Factoring Cubic Polynomials Robert G. Underwood 1. Introduction There are at least two ways in which using the famous Cardano formulas (1545) to factor cubic polynomials present more difficulties than

### 5. Factoring by the QF method

5. Factoring by the QF method 5.0 Preliminaries 5.1 The QF view of factorability 5.2 Illustration of the QF view of factorability 5.3 The QF approach to factorization 5.4 Alternative factorization by the

### 2.3 Convex Constrained Optimization Problems

42 CHAPTER 2. FUNDAMENTAL CONCEPTS IN CONVEX OPTIMIZATION Theorem 15 Let f : R n R and h : R R. Consider g(x) = h(f(x)) for all x R n. The function g is convex if either of the following two conditions

### some algebra prelim solutions

some algebra prelim solutions David Morawski August 19, 2012 Problem (Spring 2008, #5). Show that f(x) = x p x + a is irreducible over F p whenever a F p is not zero. Proof. First, note that f(x) has no

### 1 Message Authentication

Theoretical Foundations of Cryptography Lecture Georgia Tech, Spring 200 Message Authentication Message Authentication Instructor: Chris Peikert Scribe: Daniel Dadush We start with some simple questions

### 3.2 The Factor Theorem and The Remainder Theorem

3. The Factor Theorem and The Remainder Theorem 57 3. The Factor Theorem and The Remainder Theorem Suppose we wish to find the zeros of f(x) = x 3 + 4x 5x 4. Setting f(x) = 0 results in the polynomial

### Math 231b Lecture 35. G. Quick

Math 231b Lecture 35 G. Quick 35. Lecture 35: Sphere bundles and the Adams conjecture 35.1. Sphere bundles. Let X be a connected finite cell complex. We saw that the J-homomorphism could be defined by

### (x + a) n = x n + a Z n [x]. Proof. If n is prime then the map

22. A quick primality test Prime numbers are one of the most basic objects in mathematics and one of the most basic questions is to decide which numbers are prime (a clearly related problem is to find

### U.C. Berkeley CS276: Cryptography Handout 0.1 Luca Trevisan January, 2009. Notes on Algebra

U.C. Berkeley CS276: Cryptography Handout 0.1 Luca Trevisan January, 2009 Notes on Algebra These notes contain as little theory as possible, and most results are stated without proof. Any introductory

### 1 Lecture: Integration of rational functions by decomposition

Lecture: Integration of rational functions by decomposition into partial fractions Recognize and integrate basic rational functions, except when the denominator is a power of an irreducible quadratic.

### Notes from Week 1: Algorithms for sequential prediction

CS 683 Learning, Games, and Electronic Markets Spring 2007 Notes from Week 1: Algorithms for sequential prediction Instructor: Robert Kleinberg 22-26 Jan 2007 1 Introduction In this course we will be looking

### 1 if 1 x 0 1 if 0 x 1

Chapter 3 Continuity In this chapter we begin by defining the fundamental notion of continuity for real valued functions of a single real variable. When trying to decide whether a given function is or

### (a) Write each of p and q as a polynomial in x with coefficients in Z[y, z]. deg(p) = 7 deg(q) = 9

Homework #01, due 1/20/10 = 9.1.2, 9.1.4, 9.1.6, 9.1.8, 9.2.3 Additional problems for study: 9.1.1, 9.1.3, 9.1.5, 9.1.13, 9.2.1, 9.2.2, 9.2.4, 9.2.5, 9.2.6, 9.3.2, 9.3.3 9.1.1 (This problem was not assigned

### Inner Product Spaces

Math 571 Inner Product Spaces 1. Preliminaries An inner product space is a vector space V along with a function, called an inner product which associates each pair of vectors u, v with a scalar u, v, and

### Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption

Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption Ronald Cramer Victor Shoup December 12, 2001 Abstract We present several new and fairly practical public-key

### NP-Completeness I. Lecture 19. 19.1 Overview. 19.2 Introduction: Reduction and Expressiveness

Lecture 19 NP-Completeness I 19.1 Overview In the past few lectures we have looked at increasingly more expressive problems that we were able to solve using efficient algorithms. In this lecture we introduce

### MATH 4330/5330, Fourier Analysis Section 11, The Discrete Fourier Transform

MATH 433/533, Fourier Analysis Section 11, The Discrete Fourier Transform Now, instead of considering functions defined on a continuous domain, like the interval [, 1) or the whole real line R, we wish

### PUTNAM TRAINING POLYNOMIALS. Exercises 1. Find a polynomial with integral coefficients whose zeros include 2 + 5.

PUTNAM TRAINING POLYNOMIALS (Last updated: November 17, 2015) Remark. This is a list of exercises on polynomials. Miguel A. Lerma Exercises 1. Find a polynomial with integral coefficients whose zeros include

### Elementary Number Theory We begin with a bit of elementary number theory, which is concerned

CONSTRUCTION OF THE FINITE FIELDS Z p S. R. DOTY Elementary Number Theory We begin with a bit of elementary number theory, which is concerned solely with questions about the set of integers Z = {0, ±1,

### FOUNDATIONS OF ALGEBRAIC GEOMETRY CLASS 22

FOUNDATIONS OF ALGEBRAIC GEOMETRY CLASS 22 RAVI VAKIL CONTENTS 1. Discrete valuation rings: Dimension 1 Noetherian regular local rings 1 Last day, we discussed the Zariski tangent space, and saw that it

### 6 EXTENDING ALGEBRA. 6.0 Introduction. 6.1 The cubic equation. Objectives

6 EXTENDING ALGEBRA Chapter 6 Extending Algebra Objectives After studying this chapter you should understand techniques whereby equations of cubic degree and higher can be solved; be able to factorise

### The Dirichlet Unit Theorem

Chapter 6 The Dirichlet Unit Theorem As usual, we will be working in the ring B of algebraic integers of a number field L. Two factorizations of an element of B are regarded as essentially the same if

### PROBLEM SET 6: POLYNOMIALS

PROBLEM SET 6: POLYNOMIALS 1. introduction In this problem set we will consider polynomials with coefficients in K, where K is the real numbers R, the complex numbers C, the rational numbers Q or any other

### INTRODUCTION TO CODING THEORY: BASIC CODES AND SHANNON S THEOREM

INTRODUCTION TO CODING THEORY: BASIC CODES AND SHANNON S THEOREM SIDDHARTHA BISWAS Abstract. Coding theory originated in the late 1940 s and took its roots in engineering. However, it has developed and

### Short Programs for functions on Curves

Short Programs for functions on Curves Victor S. Miller Exploratory Computer Science IBM, Thomas J. Watson Research Center Yorktown Heights, NY 10598 May 6, 1986 Abstract The problem of deducing a function

### Quotient Rings and Field Extensions

Chapter 5 Quotient Rings and Field Extensions In this chapter we describe a method for producing field extension of a given field. If F is a field, then a field extension is a field K that contains F.

### CHAPTER SIX IRREDUCIBILITY AND FACTORIZATION 1. BASIC DIVISIBILITY THEORY

January 10, 2010 CHAPTER SIX IRREDUCIBILITY AND FACTORIZATION 1. BASIC DIVISIBILITY THEORY The set of polynomials over a field F is a ring, whose structure shares with the ring of integers many characteristics.

### Tim Kerins. Leaving Certificate Honours Maths - Algebra. Tim Kerins. the date

Leaving Certificate Honours Maths - Algebra the date Chapter 1 Algebra This is an important portion of the course. As well as generally accounting for 2 3 questions in examination it is the basis for many

### 3 1. Note that all cubes solve it; therefore, there are no more

Math 13 Problem set 5 Artin 11.4.7 Factor the following polynomials into irreducible factors in Q[x]: (a) x 3 3x (b) x 3 3x + (c) x 9 6x 6 + 9x 3 3 Solution: The first two polynomials are cubics, so if

### Integer Factorization using the Quadratic Sieve

Integer Factorization using the Quadratic Sieve Chad Seibert* Division of Science and Mathematics University of Minnesota, Morris Morris, MN 56567 seib0060@morris.umn.edu March 16, 2011 Abstract We give

### Rolle s Theorem. q( x) = 1

Lecture 1 :The Mean Value Theorem We know that constant functions have derivative zero. Is it possible for a more complicated function to have derivative zero? In this section we will answer this question

### APPLICATIONS OF THE ORDER FUNCTION

APPLICATIONS OF THE ORDER FUNCTION LECTURE NOTES: MATH 432, CSUSM, SPRING 2009. PROF. WAYNE AITKEN In this lecture we will explore several applications of order functions including formulas for GCDs and

### Private Approximation of Clustering and Vertex Cover

Private Approximation of Clustering and Vertex Cover Amos Beimel, Renen Hallak, and Kobbi Nissim Department of Computer Science, Ben-Gurion University of the Negev Abstract. Private approximation of search

### Multiplicity. Chapter 6

Chapter 6 Multiplicity The fundamental theorem of algebra says that any polynomial of degree n 0 has exactly n roots in the complex numbers if we count with multiplicity. The zeros of a polynomial are

### Math 4310 Handout - Quotient Vector Spaces

Math 4310 Handout - Quotient Vector Spaces Dan Collins The textbook defines a subspace of a vector space in Chapter 4, but it avoids ever discussing the notion of a quotient space. This is understandable

### LINEAR ALGEBRA W W L CHEN

LINEAR ALGEBRA W W L CHEN c W W L Chen, 1997, 2008 This chapter is available free to all individuals, on understanding that it is not to be used for financial gain, and may be downloaded and/or photocopied,

### 2.3. Finding polynomial functions. An Introduction:

2.3. Finding polynomial functions. An Introduction: As is usually the case when learning a new concept in mathematics, the new concept is the reverse of the previous one. Remember how you first learned

### Offline sorting buffers on Line

Offline sorting buffers on Line Rohit Khandekar 1 and Vinayaka Pandit 2 1 University of Waterloo, ON, Canada. email: rkhandekar@gmail.com 2 IBM India Research Lab, New Delhi. email: pvinayak@in.ibm.com

Adaptive Online Gradient Descent Peter L Bartlett Division of Computer Science Department of Statistics UC Berkeley Berkeley, CA 94709 bartlett@csberkeleyedu Elad Hazan IBM Almaden Research Center 650

### Some facts about polynomials modulo m (Full proof of the Fingerprinting Theorem)

Some facts about polynomials modulo m (Full proof of the Fingerprinting Theorem) In order to understand the details of the Fingerprinting Theorem on fingerprints of different texts from Chapter 19 of the

### Lecture 11: The Goldreich-Levin Theorem

COM S 687 Introduction to Cryptography September 28, 2006 Lecture 11: The Goldreich-Levin Theorem Instructor: Rafael Pass Scribe: Krishnaprasad Vikram Hard-Core Bits Definition: A predicate b : {0, 1}

### 0.1 Phase Estimation Technique

Phase Estimation In this lecture we will describe Kitaev s phase estimation algorithm, and use it to obtain an alternate derivation of a quantum factoring algorithm We will also use this technique to design

### Approximation Algorithms

Approximation Algorithms or: How I Learned to Stop Worrying and Deal with NP-Completeness Ong Jit Sheng, Jonathan (A0073924B) March, 2012 Overview Key Results (I) General techniques: Greedy algorithms

### 8.1 Makespan Scheduling

600.469 / 600.669 Approximation Algorithms Lecturer: Michael Dinitz Topic: Dynamic Programing: Min-Makespan and Bin Packing Date: 2/19/15 Scribe: Gabriel Kaptchuk 8.1 Makespan Scheduling Consider an instance

### 8.1 Min Degree Spanning Tree

CS880: Approximations Algorithms Scribe: Siddharth Barman Lecturer: Shuchi Chawla Topic: Min Degree Spanning Tree Date: 02/15/07 In this lecture we give a local search based algorithm for the Min Degree

### FUNCTIONAL ANALYSIS LECTURE NOTES: QUOTIENT SPACES

FUNCTIONAL ANALYSIS LECTURE NOTES: QUOTIENT SPACES CHRISTOPHER HEIL 1. Cosets and the Quotient Space Any vector space is an abelian group under the operation of vector addition. So, if you are have studied

### 3.4 Complex Zeros and the Fundamental Theorem of Algebra

86 Polynomial Functions.4 Complex Zeros and the Fundamental Theorem of Algebra In Section., we were focused on finding the real zeros of a polynomial function. In this section, we expand our horizons and

### Introduction to Finite Fields (cont.)

Chapter 6 Introduction to Finite Fields (cont.) 6.1 Recall Theorem. Z m is a field m is a prime number. Theorem (Subfield Isomorphic to Z p ). Every finite field has the order of a power of a prime number

### Basics of Polynomial Theory

3 Basics of Polynomial Theory 3.1 Polynomial Equations In geodesy and geoinformatics, most observations are related to unknowns parameters through equations of algebraic (polynomial) type. In cases where

### CSC2420 Fall 2012: Algorithm Design, Analysis and Theory

CSC2420 Fall 2012: Algorithm Design, Analysis and Theory Allan Borodin November 15, 2012; Lecture 10 1 / 27 Randomized online bipartite matching and the adwords problem. We briefly return to online algorithms

### Problem Set 7 - Fall 2008 Due Tuesday, Oct. 28 at 1:00

18.781 Problem Set 7 - Fall 2008 Due Tuesday, Oct. 28 at 1:00 Throughout this assignment, f(x) always denotes a polynomial with integer coefficients. 1. (a) Show that e 32 (3) = 8, and write down a list

### Breaking Generalized Diffie-Hellman Modulo a Composite is no Easier than Factoring

Breaking Generalized Diffie-Hellman Modulo a Composite is no Easier than Factoring Eli Biham Dan Boneh Omer Reingold Abstract The Diffie-Hellman key-exchange protocol may naturally be extended to k > 2

### A Sublinear Bipartiteness Tester for Bounded Degree Graphs

A Sublinear Bipartiteness Tester for Bounded Degree Graphs Oded Goldreich Dana Ron February 5, 1998 Abstract We present a sublinear-time algorithm for testing whether a bounded degree graph is bipartite

### 1 Homework 1. [p 0 q i+j +... + p i 1 q j+1 ] + [p i q j ] + [p i+1 q j 1 +... + p i+j q 0 ]

1 Homework 1 (1) Prove the ideal (3,x) is a maximal ideal in Z[x]. SOLUTION: Suppose we expand this ideal by including another generator polynomial, P / (3, x). Write P = n + x Q with n an integer not

### Section 3.7. Rolle s Theorem and the Mean Value Theorem. Difference Equations to Differential Equations

Difference Equations to Differential Equations Section.7 Rolle s Theorem and the Mean Value Theorem The two theorems which are at the heart of this section draw connections between the instantaneous rate