# Linearity and Group Homomorphism Testing / Testing Hadamard Codes

Save this PDF as:

Size: px
Start display at page:

## Transcription

1 Title: Linearity and Group Homomorphism Testing / Testing Hadamard Codes Name: Sofya Raskhodnikova 1, Ronitt Rubinfeld 2 Affil./Addr. 1: Pennsylvania State University Affil./Addr. 2: Keywords: SumOriWork: MIT and Tel Aviv University Property testing, sublinear-time algorithms, linearity of functions, group homomorphism, error-correcting codes 1993; Blum, Luby, Rubinfeld Linearity and Group Homomorphism Testing / Testing Hadamard Codes Sofya Raskhodnikova 1, Ronitt Rubinfeld 2 1 Pennsylvania State University 2 MIT and Tel Aviv University Years aud Authors of Summarized Original Work 1993; Blum, Luby, Rubinfeld Keywords Property testing, sublinear-time algorithms, linearity of functions, group homomorphism, error-correcting codes Problem Definition In this article, we discuss the problem of testing linearity of functions and, more generally, testing whether a given function is a group homomorphism. An algorithm for this problem, given by Blum, Luby, and Rubinfeld [9], is part of or is a special case of many important property testers for algebraic properties. Originally designed for program checkers and self-correctors, it has found uses in Probabilistically Checkable Proofs (PCPs), which are an essential tool in proving hardness of approximation. We start by formulating an important special case of the problem, testing linearity of Boolean functions. A function f : {0, 1} n {0, 1} is linear if for some a 1, a 2,..., a n {0, 1}, f(x 1, x 2,..., x n ) = a 1 x 1 + a 2 x 2 + a n x n. The operations in this definition are over F 2. That is, given vectors x = (x 1,..., x n ) and y = (y 1,..., y n ), where x 1,..., x n, y 1,..., y n {0, 1}, the vector x + y = (x 1 + y 1 mod 2,..., x n + y n mod 2). There is another, equivalent, definition of linearity of Boolean functions over {0, 1} n : a function f is linear if for all x, y {0, 1} n,

2 2 f(x) + f(y) = f(x + y). A generalization of a linear function, defined above, is a group homomorphism. Given two finite groups, (G, ) and (H, ), a group homomorphism from G to H is a function f : G H such that for all elements x, y G, f(x) f(y) = f(x y). We would like to test (approximately) whether a given function is linear or, more generally, is a group homomorphism. Next, we define the property testing framework [23; 12]. Linearity testing was the first problem studied in this framework. The linearity tester of Blum, Luby, and Rubinfeld [9] actually preceded the definition of this framework and served as an inspiration for it. Given a proximity parameter ɛ (0, 1), a function is ɛ-far from satisfying a specific property P (such as being linear or being a group homomorphism) if it has to be modified on at least an ɛ fraction of its domain in order to satisfy P. A function is ɛ-close to P if it is not ɛ-far from it. A tester for property P gets a parameter ɛ (0, 1) and an oracle access to a function f. It must accept with probability 3 at least 2/3 if the function f satisfies property P and reject with probability at least 2/3 if f is ɛ-far from satisfying P. Our goal is to design an efficient tester for group homomorphism. Alternative formulation Another way of viewing the same problem is in terms of error correcting codes. Given a function f : G H, we can form a codeword corresponding to f by listing the values of f on all points in the domain. The homomorphism code is the set of all codewords that correspond to homomorphisms from G to H. This is an error-correcting code with large distance because, for two different homomorphisms f, g : G H, the fraction of points x G on which f(x) = g(x) is at most 1/2. In the special case when G is {0, 1} n and H is {0, 1}, we get the Hadamard code. Our goal can be formulated as follows: Design an efficient algorithm that tests whether a given string is a codeword of a homomorphism code (or ɛ-far from it). Key Results The linearity (homomorphism) tester designed by Blum, Luby, and Rubinfeld [9] repeats the following test several times, until the desired success probability is reached, and accepts iff all iterations accept. Algorithm 1: BLR Linearity (Homomorphism) Test input : Oracle access to an unknown function f : G H. 1 Pick x, y G uniformly and independently at random. 2 Query f on x, y, and x + y to find out f(x), f(y), and f(x + y). 3 Accept if f(x) + f(y) = f(x + y); otherwise, reject. Blum et al. [9] and Ben-Or et al. [7] showed that O(1/ɛ) iterations of the BLR test suffice to get a property tester for group homomorphism. (The analysis in [9] worked for a special case of the problem, and [7] extended it all groups). It is not hard to prove that Ω(1/ɛ) queries are required to test for linearity and, in fact, any 3 The choice of error probability in the definition of the tester is arbitrary. Using standard techniques, a tester with error probability 1/3 can be turned into a tester with error probability δ (0, 1/3) by repeating the original tester O(log 1 δ ) times and taking the majority answer.

3 non-trivial property, so the resulting tester is optimal in terms of the query complexity and the running time. Lots of effort went into understanding the rejection probability of the BLR test for functions that are ɛ-far from homomorphisms over various groups and, especially, for the case F = {0, 1} n (see [17] and references therein). A nice exposition of the analysis for the latter special case, which follows the Fourier-analytic approach of Bellare et al. [5], can by found in the book by O Donnell [21]. Several works [26; 24; 14; 8; 25] showed how to reduce the number of random bits required by homomorphism tests. In the natural implementation of the BLR test, 2 log G random bits per iteration are used to pick x and y. Shpilka and Wigderson [25] gave a homomorphism test for general groups that needs only (1 + o(1)) log 2 G random bits. The case when G is a subset of an infinite group, f is a real-valued function, and the oracle query to f returns a finite-precision approximation to f(x) has been considered in [11; 2; 10; 19; 20]. These works gave testers with query complexity independent of the domain size (see [18] for a survey). 3 Applications Self-testing/correcting programs The linearity testing problem was motivated in [9] by applications to self-testing and self-correcting of programs. Suppose you are given a program that is known to be correct on most inputs, but has not been checked (or, perhaps, is even known to be incorrect) on remaining inputs. A self-tester for f is an algorithm that can quickly verify whether a given program that supposedly computes f is correct on most inputs, without the aid of another program for f that has already been verified. A self-corrector for f is an algorithm that takes a program that correctly computes f on most inputs and uses it to correctly compute f on all inputs. Blum et al. [9] used their linearity test to construct self-testers for programs intended to compute various homomorphisms. Such functions include integer, polynomial, matrix and modular multiplication and division. Once it is verified that a program agrees on most inputs with some homomorphism, the task of determining whether it agrees with the correct homomorphism on most inputs becomes much easier. For programs intended to compute homomorphisms, it is easy to construct selfcorrectors: Suppose a program outputs f(x) on input x, where f agrees on most inputs with a homomorphism g. Fix a constant c. Consider the algorithm that, on input x, picks c log 1/δ values y from the domain G uniformly at random, computes f(x + y) f(y), and outputs the value that is seen most often, breaking ties arbitrarily. If f is 1-close to g then, since both y and x + y are uniformly distributed in G, it is the case 8 that for at least 3/4 of the choices of y, both g(x + y) = f(x + y) and g(y) = f(y), in which case f(x + y) f(y) = g(x). Thus, it is easy to show that there is a constant c such that if f is 1 -close to a homomorphism g, then for all x, the above algorithm 8 outputs g(x) with probability at least 1 δ. Probabilistically Checkable Proofs We discussed an equivalent formulation of the linearity testing problem in terms of testing whether a given string is a codeword of a Hadamard code. This formulation has been used in proofs of hardness of approximation of some NP-hard problems and to construct PCP systems that can be verified with a few queries (see, e.g., [3; 13]). The BLR Test as a Building Block The BLR test has been generalized and extended in many ways, as well as used as a building block in other testers. One

4 generalization, particularly useful in PCP constructions, is to testing if a given function is a polynomial of low degree (see, e.g., [16; 1; 15]). Other generalizations include tests for long codes [6; 13] and tests of linear consistency among multiple functions [4]. An example of an algorithm that uses the BLR test as a building block is a tester by Parnas, Ron, and Samorodnitsky [22] for the singleton property of functions f : {0, 1} n {0, 1}, namely, the property that the function f(x) = x i for some i [1, n]. 4 Open Problems We discussed that the BLR test can be used to check whether a given string is a Hadamard codeword or far from it. For which other codes can such a check be performed efficiently? In other words, which codes are locally testable? We refer the reader to the entry Locally Testable Codes. Which other properties of functions can be efficiently tested in the property testing model? Some examples are given in the entries Testing Juntas and Related Properties of Boolean Functions and Monotonicity Testing. Testing properties of graphs is discussed in the entries Testing Bipartiteness in the Dense-Graphs Model and Testing Bipartiteness of Graphs in Sublinear Time. Cross-References Testing Juntas and Related Properties of Boolean Functions Locally Testable Codes Monotonicity Testing Testing if an Array Is Sorted Testing Bipartiteness in the Dense-Graphs Model Testing Bipartiteness of Graphs in Sublinear Time Learning Heavy Fourier Coefficients of Boolean Functions Error correction Acknowledgements The first author was supported in part by NSF award CCF and by NSF CAREER award CCF Recommended Reading 1. Alon N, Kaufman T, Krivilevich M, Litsyn S, Ron D (2003) Testing low-degree polynomials over GF(2). In: Proceedings of RANDOM 03, pp Ar S, Blum M, Codenotti B, Gemmell P (2003) Checking approximate computations over the reals. In: Proceedings of the Twenty-Fifth Annual ACM Symposium on the Theory of Computing, pp Arora S, Lund C, Motwani R, Sudan M, Szegedy M (1998) Proof verification and the hardness of approximation problems. J ACM 45(3): Aumann Y, Håstad J, Rabin MO, Sudan M (2001) Linear-consistency testing. J Comput Syst Sci 62(4): Bellare M, Coppersmith D, Håstad J, Kiwi M, Sudan M (1996) Linearity testing over characteristic two. IEEE Transactions on Information Theory 42(6): Bellare M, Goldreich O, Sudan M (1998) Free bits, PCPs, and nonapproximability towards tight results. SIAM J Comput 27(3):

5 7. Ben-Or M, Coppersmith D, Luby M, Rubinfeld R (2008) Non-Abelian homomorphism testing, and distributions close to their self-convolutions. Random Struct Algorithms 32(1): Ben-Sasson E, Sudan M, Vadhan S, Wigderson A (2003) Randomness-efficient low degree tests and short PCPs via epsilon-biased sets. In: Proceedings of the Thirty-Fifth Annual ACM Symposium on the Theory of Computing, pp Blum M, Luby M, Rubinfeld R (1993) Self-testing/correcting with applications to numerical problems. JCSS 47: Ergun F, Kumar R, Rubinfeld R (2001) Checking approximate computations of polynomials and functional equations. SIAM J Comput 31(2): Gemmell P, Lipton R, Rubinfeld R, Sudan M, Wigderson A (1991) Self-testing/correcting for polynomials and for approximate functions. In: Proceedings of the Twenty-Third Annual ACM Symposium on Theory of Computing, pp Goldreich O, Goldwasser S, Ron D (1998) Property testing and its connection to learning and approximation. J ACM 45(4): Håstad J (2001) Some optimal inapproximability results. J ACM 48(4): Hastad J, Wigderson A (2003) Simple analysis of graph tests for linearity and PCP. Random Structures and Algorithms 22(2): Jutla CS, Patthak AC, Rudra A, Zuckerman D (2009) Testing low-degree polynomials over prime fields. Random Struct Algorithms 35(2): Kaufman T, Ron D (2006) Testing polynomials over general fields. SIAM J Comput 36(3): Kaufman T, Litsyn S, Xie N (2010) Breaking the epsilon-soundness bound of the linearity test over GF(2). SIAM J Comput 39(5): Kiwi M, Magniez F, Santha M (2001) Exact and approximate testing/correcting of algebraic functions: A survey. Electronic Colloqium on Computational Complexity 8(14) 19. Kiwi M, Magniez F, Santha M (2003) Approximate testing with error relative to input size. JCSS 66(2): Magniez F (2005) Multi-linearity self-testing with relative error. Theory Comput Syst 38(5): O Donnell R (2014) Analysis of Boolean Functions. Cambridge University Press 22. Parnas M, Ron D, Samorodnitsky A (2002) Testing basic Boolean formulae. SIAM J Discrete Math 16(1): Rubinfeld R, Sudan M (1996) Robust characterizations of polynomials with applications to program testing. SIAM J Comput 25(2): Samorodnitsky A, Trevisan L (2000) A PCP characterization of NP with optimal amortized query complexity. In: stoc00, pp Shpilka A, Wigderson A (2006) Derandomizing homomorphism testing in general groups. SIAM J Comput 36(4): Trevisan L (1998) Recycling queries in PCPs and in linearity tests. In: Proceedings of the Thirtieth Annual ACM Symposium on the Theory of Computing, pp

### Testing Low-Degree Polynomials over

Testing Low-Degree Polynomials over Noga Alon, Tali Kaufman, Michael Krivelevich, Simon Litsyn, and Dana Ron Department of Mathematics, Tel Aviv University, Tel Aviv 69978, Israel and Institute for Advanced

### Breaking the ɛ-soundness Bound of the Linearity Test over GF(2)

Breaking the ɛ-soundness Bound of the Linearity Test over GF() Tali Kaufman Simon Litsyn Ning Xie Abstract For Boolean functions that are ɛ-far from the set of linear functions, we study the lower bound

### A Brief Introduction to Property Testing

A Brief Introduction to Property Testing Oded Goldreich Abstract. This short article provides a brief description of the main issues that underly the study of property testing. It is meant to serve as

### 1 Formulating The Low Degree Testing Problem

6.895 PCP and Hardness of Approximation MIT, Fall 2010 Lecture 5: Linearity Testing Lecturer: Dana Moshkovitz Scribe: Gregory Minton and Dana Moshkovitz In the last lecture, we proved a weak PCP Theorem,

### The Internal and External Algebraic Structure. of Complexity Classes. Lance Fortnow. Department of Computer Science. The University of Chicago

The Internal and External Algebraic Structure of Complexity Classes Lance Fortnow Department of Computer Science The University of Chicago 1100 East 58th Street Chicago, Illinois 60637 Abstract The report

### Algorithmic and Analysis Techniques in Property Testing

Algorithmic and Analysis Techniques in Property Testing Dana Ron School of EE Tel-Aviv University Ramat Aviv, Israel danar@eng.tau.ac.il Abstract Property testing algorithms are ultra -efficient algorithms

### CSC2420 Fall 2012: Algorithm Design, Analysis and Theory

CSC2420 Fall 2012: Algorithm Design, Analysis and Theory Allan Borodin November 15, 2012; Lecture 10 1 / 27 Randomized online bipartite matching and the adwords problem. We briefly return to online algorithms

### The sum of d small-bias generators fools polynomials of degree d

The sum of d small-bias generators fools polynomials of degree d Emanuele Viola April 15, 2009 Abstract We prove that the sum of d small-bias generators L : F s F n fools degree-d polynomials in n variables

### Testing Hereditary Properties of Non-Expanding Bounded-Degree Graphs

Testing Hereditary Properties of Non-Expanding Bounded-Degree Graphs Artur Czumaj Asaf Shapira Christian Sohler Abstract We study graph properties which are testable for bounded degree graphs in time independent

### 2.1 Complexity Classes

15-859(M): Randomized Algorithms Lecturer: Shuchi Chawla Topic: Complexity classes, Identity checking Date: September 15, 2004 Scribe: Andrew Gilpin 2.1 Complexity Classes In this lecture we will look

### Solving systems of linear equations over finite fields

Solving systems of linear equations over finite fields June 1, 2007 1 Introduction 2 3 4 Basic problem Introduction x 1 + x 2 + x 3 = 1 x 1 + x 2 = 1 x 1 + x 2 + x 4 = 1 x 2 + x 4 = 0 x 1 + x 3 + x 4 =

### Polynomial Degree and Lower Bounds in Quantum Complexity: Collision and Element Distinctness with Small Range

THEORY OF COMPUTING, Volume 1 (2005), pp. 37 46 http://theoryofcomputing.org Polynomial Degree and Lower Bounds in Quantum Complexity: Collision and Element Distinctness with Small Range Andris Ambainis

### Testing Properties of Linear Functions

Testing Properties of Linear Functions Eric Blais 1 and Daniel Kane 1 School of Computer Science, Carnegie Mellon University, Pittsburgh, PA 1513. eblais@cs.cmu.edu Department of Mathematics, Stanford

### Lecture 1: Course overview, circuits, and formulas

Lecture 1: Course overview, circuits, and formulas Topics in Complexity Theory and Pseudorandomness (Spring 2013) Rutgers University Swastik Kopparty Scribes: John Kim, Ben Lund 1 Course Information Swastik

### The Complexity of Online Memory Checking

The Complexity of Online Memory Checking Moni Naor Guy N. Rothblum Abstract We consider the problem of storing a large file on a remote and unreliable server. To verify that the file has not been corrupted,

### Hard Functions for Low-degree Polynomials over Prime Fields

0 Hard Functions for Low-degree Polynomials over Prime Fields Andrej Bogdanov, Department of Computer Science and Engineering and Institute for Theoretical Computer Science and Communications, Chinese

### Lecture 11: The Goldreich-Levin Theorem

COM S 687 Introduction to Cryptography September 28, 2006 Lecture 11: The Goldreich-Levin Theorem Instructor: Rafael Pass Scribe: Krishnaprasad Vikram Hard-Core Bits Definition: A predicate b : {0, 1}

### Lecture 2: Complexity Theory Review and Interactive Proofs

600.641 Special Topics in Theoretical Cryptography January 23, 2007 Lecture 2: Complexity Theory Review and Interactive Proofs Instructor: Susan Hohenberger Scribe: Karyn Benson 1 Introduction to Cryptography

### Notes 11: List Decoding Folded Reed-Solomon Codes

Introduction to Coding Theory CMU: Spring 2010 Notes 11: List Decoding Folded Reed-Solomon Codes April 2010 Lecturer: Venkatesan Guruswami Scribe: Venkatesan Guruswami At the end of the previous notes,

### List-Decoding Reed-Muller Codes over Small Fields

List-Decoding Reed-Muller Codes over Small Fields Parikshit Gopalan University of Washington parik@cs.washington.edu Adam R. Klivans UT Austin klivans@cs.utexas.edu David Zuckerman UT Austin diz@cs.utexas.edu

### 1 The Line vs Point Test

6.875 PCP and Hardness of Approximation MIT, Fall 2010 Lecture 5: Low Degree Testing Lecturer: Dana Moshkovitz Scribe: Gregory Minton and Dana Moshkovitz Having seen a probabilistic verifier for linearity

### A Sublinear Bipartiteness Tester for Bounded Degree Graphs

A Sublinear Bipartiteness Tester for Bounded Degree Graphs Oded Goldreich Dana Ron February 5, 1998 Abstract We present a sublinear-time algorithm for testing whether a bounded degree graph is bipartite

### Lecture 4: AC 0 lower bounds and pseudorandomness

Lecture 4: AC 0 lower bounds and pseudorandomness Topics in Complexity Theory and Pseudorandomness (Spring 2013) Rutgers University Swastik Kopparty Scribes: Jason Perry and Brian Garnett In this lecture,

### Lower Bounds for Testing Triangle-freeness in Boolean Functions

Lower Bounds for Testing Triangle-freeness in Boolean Functions Arnab Bhattacharyya MIT abhatt@mit.edu Ning Xie MIT ningxie@csail.mit.edu Abstract Let f 1, f 2, f 3 : F n 2 {0, 1} be three Boolean functions.

### Breaking Generalized Diffie-Hellman Modulo a Composite is no Easier than Factoring

Breaking Generalized Diffie-Hellman Modulo a Composite is no Easier than Factoring Eli Biham Dan Boneh Omer Reingold Abstract The Diffie-Hellman key-exchange protocol may naturally be extended to k > 2

### Verifiable Delegation of Computation over Large Datasets

Verifiable Delegation of Computation over Large Datasets Siavosh Benabbas University of Toronto Rosario Gennaro IBM Research Yevgeniy Vahlis AT&T Cloud Computing Data D Code F Y F(D) Cloud could be malicious

### U.C. Berkeley CS276: Cryptography Handout 0.1 Luca Trevisan January, 2009. Notes on Algebra

U.C. Berkeley CS276: Cryptography Handout 0.1 Luca Trevisan January, 2009 Notes on Algebra These notes contain as little theory as possible, and most results are stated without proof. Any introductory

### The Online Set Cover Problem

The Online Set Cover Problem Noga Alon Baruch Awerbuch Yossi Azar Niv Buchbinder Joseph Seffi Naor ABSTRACT Let X = {, 2,..., n} be a ground set of n elements, and let S be a family of subsets of X, S

### The Complexity of Approximating a Nonlinear Program

The Complexity of Approximating a Nonlinear Program Mihir Bellare Phillip Rogaway October 1993 Abstract We consider the problem of finding the maximum of a multivariate polynomial inside a convex polytope.

### Influences in low-degree polynomials

Influences in low-degree polynomials Artūrs Bačkurs December 12, 2012 1 Introduction In 3] it is conjectured that every bounded real polynomial has a highly influential variable The conjecture is known

### (67902) Topics in Theory and Complexity Nov 2, 2006. Lecture 7

(67902) Topics in Theory and Complexity Nov 2, 2006 Lecturer: Irit Dinur Lecture 7 Scribe: Rani Lekach 1 Lecture overview This Lecture consists of two parts In the first part we will refresh the definition

### Quantum Computation CMU BB, Fall 2015

Quantum Computation CMU 5-859BB, Fall 205 Homework 3 Due: Tuesday, Oct. 6, :59pm, email the pdf to pgarriso@andrew.cmu.edu Solve any 5 out of 6. [Swap test.] The CSWAP (controlled-swap) linear operator

### The Dirichlet Unit Theorem

Chapter 6 The Dirichlet Unit Theorem As usual, we will be working in the ring B of algebraic integers of a number field L. Two factorizations of an element of B are regarded as essentially the same if

### Exponential time algorithms for graph coloring

Exponential time algorithms for graph coloring Uriel Feige Lecture notes, March 14, 2011 1 Introduction Let [n] denote the set {1,..., k}. A k-labeling of vertices of a graph G(V, E) is a function V [k].

### Notes on Complexity Theory Last updated: August, 2011. Lecture 1

Notes on Complexity Theory Last updated: August, 2011 Jonathan Katz Lecture 1 1 Turing Machines I assume that most students have encountered Turing machines before. (Students who have not may want to look

### Two General Methods to Reduce Delay and Change of Enumeration Algorithms

ISSN 1346-5597 NII Technical Report Two General Methods to Reduce Delay and Change of Enumeration Algorithms Takeaki Uno NII-2003-004E Apr.2003 Two General Methods to Reduce Delay and Change of Enumeration

### Arithmetic complexity in algebraic extensions

Arithmetic complexity in algebraic extensions Pavel Hrubeš Amir Yehudayoff Abstract Given a polynomial f with coefficients from a field F, is it easier to compute f over an extension R of F than over F?

### Combinatorial PCPs with ecient veriers

Combinatorial PCPs with ecient veriers Or Meir Abstract The PCP theorem asserts the existence of proofs that can be veried by a verier that reads only a very small part of the proof. The theorem was originally

### Depth-Independent Lower Bounds on the Communication Complexity of Read-Once Boolean Formulas

Depth-Independent Lower Bounds on the Communication Complexity of Read-Once Boolean Formulas Rahul Jain 1, Hartmut Klauck 2, and Shengyu Zhang 3 1 Centre for Quantum Technologies and Department of Computer

### Introduction to Security Proof of Cryptosystems

Introduction to Security Proof of Cryptosystems D. J. Guan November 16, 2007 Abstract Provide proof of security is the most important work in the design of cryptosystems. Problem reduction is a tool to

### Quantum Computing Lecture 7. Quantum Factoring. Anuj Dawar

Quantum Computing Lecture 7 Quantum Factoring Anuj Dawar Quantum Factoring A polynomial time quantum algorithm for factoring numbers was published by Peter Shor in 1994. polynomial time here means that

### The Black-Box Query Complexity of Polynomial Summation

The Black-Box Query Complexity of Polynomial Summation Ali Juma Department of Computer Science University of Toronto Toronto, Canada ajuma@cs.toronto.edu Charles Rackoff Department of Computer Science

### Graph Security Testing

JOURNAL OF APPLIED COMPUTER SCIENCE Vol. 23 No. 1 (2015), pp. 29-45 Graph Security Testing Tomasz Gieniusz 1, Robert Lewoń 1, Michał Małafiejski 1 1 Gdańsk University of Technology, Poland Department of

### P versus NP, and More

1 P versus NP, and More Great Ideas in Theoretical Computer Science Saarland University, Summer 2014 If you have tried to solve a crossword puzzle, you know that it is much harder to solve it than to verify

### Algebraic Computation Models. Algebraic Computation Models

Algebraic Computation Models Ζυγομήτρος Ευάγγελος ΜΠΛΑ 201118 Φεβρουάριος, 2013 Reasons for using algebraic models of computation The Turing machine model captures computations on bits. Many algorithms

### Breaking The Code. Ryan Lowe. Ryan Lowe is currently a Ball State senior with a double major in Computer Science and Mathematics and

Breaking The Code Ryan Lowe Ryan Lowe is currently a Ball State senior with a double major in Computer Science and Mathematics and a minor in Applied Physics. As a sophomore, he took an independent study

### Partial Fractions. Combining fractions over a common denominator is a familiar operation from algebra:

Partial Fractions Combining fractions over a common denominator is a familiar operation from algebra: From the standpoint of integration, the left side of Equation 1 would be much easier to work with than

### On Rank vs. Communication Complexity

On Rank vs. Communication Complexity Noam Nisan Avi Wigderson Abstract This paper concerns the open problem of Lovász and Saks regarding the relationship between the communication complexity of a boolean

### princeton univ. F 13 cos 521: Advanced Algorithm Design Lecture 6: Provable Approximation via Linear Programming Lecturer: Sanjeev Arora

princeton univ. F 13 cos 521: Advanced Algorithm Design Lecture 6: Provable Approximation via Linear Programming Lecturer: Sanjeev Arora Scribe: One of the running themes in this course is the notion of

### Breaking An Identity-Based Encryption Scheme based on DHIES

Breaking An Identity-Based Encryption Scheme based on DHIES Martin R. Albrecht 1 Kenneth G. Paterson 2 1 SALSA Project - INRIA, UPMC, Univ Paris 06 2 Information Security Group, Royal Holloway, University

### Computational Complexity: A Modern Approach. Draft of a book: Dated January 2007 Comments welcome!

i Computational Complexity: A Modern Approach Draft of a book: Dated January 2007 Comments welcome! Sanjeev Arora and Boaz Barak Princeton University complexitybook@gmail.com Not to be reproduced or distributed

### SECRET sharing schemes were introduced by Blakley [5]

206 IEEE TRANSACTIONS ON INFORMATION THEORY, VOL. 52, NO. 1, JANUARY 2006 Secret Sharing Schemes From Three Classes of Linear Codes Jin Yuan Cunsheng Ding, Senior Member, IEEE Abstract Secret sharing has

### A simpler and better derandomization of an approximation algorithm for Single Source Rent-or-Buy

A simpler and better derandomization of an approximation algorithm for Single Source Rent-or-Buy David P. Williamson Anke van Zuylen School of Operations Research and Industrial Engineering, Cornell University,

### Guaranteed Slowdown, Generalized Encryption Scheme, and Function Sharing

Guaranteed Slowdown, Generalized Encryption Scheme, and Function Sharing Yury Lifshits July 10, 2005 Abstract The goal of the paper is to construct mathematical abstractions of different aspects of real

### I. GROUPS: BASIC DEFINITIONS AND EXAMPLES

I GROUPS: BASIC DEFINITIONS AND EXAMPLES Definition 1: An operation on a set G is a function : G G G Definition 2: A group is a set G which is equipped with an operation and a special element e G, called

### Module MA1S11 (Calculus) Michaelmas Term 2016 Section 3: Functions

Module MA1S11 (Calculus) Michaelmas Term 2016 Section 3: Functions D. R. Wilkins Copyright c David R. Wilkins 2016 Contents 3 Functions 43 3.1 Functions between Sets...................... 43 3.2 Injective

### Factoring & Primality

Factoring & Primality Lecturer: Dimitris Papadopoulos In this lecture we will discuss the problem of integer factorization and primality testing, two problems that have been the focus of a great amount

### Factoring by Quantum Computers

Factoring by Quantum Computers Ragesh Jaiswal University of California, San Diego A Quantum computer is a device that uses uantum phenomenon to perform a computation. A classical system follows a single

### Problem Set 7 - Fall 2008 Due Tuesday, Oct. 28 at 1:00

18.781 Problem Set 7 - Fall 2008 Due Tuesday, Oct. 28 at 1:00 Throughout this assignment, f(x) always denotes a polynomial with integer coefficients. 1. (a) Show that e 32 (3) = 8, and write down a list

### Succinct Proofs for NP and Spooky Interactions

Succinct Proofs for NP and Spooky Interactions Cynthia Dwork Michael Langberg Moni Naor Kobbi Nissim Omer Reingold December 21, 2004 Abstract This paper investigates the possibility that any NP statement

### it is easy to see that α = a

21. Polynomial rings Let us now turn out attention to determining the prime elements of a polynomial ring, where the coefficient ring is a field. We already know that such a polynomial ring is a UF. Therefore

### Lecture 13 - Basic Number Theory.

Lecture 13 - Basic Number Theory. Boaz Barak March 22, 2010 Divisibility and primes Unless mentioned otherwise throughout this lecture all numbers are non-negative integers. We say that A divides B, denoted

### ON THE COMPLEXITY OF THE GAME OF SET. {kamalika,pbg,dratajcz,hoeteck}@cs.berkeley.edu

ON THE COMPLEXITY OF THE GAME OF SET KAMALIKA CHAUDHURI, BRIGHTEN GODFREY, DAVID RATAJCZAK, AND HOETECK WEE {kamalika,pbg,dratajcz,hoeteck}@cs.berkeley.edu ABSTRACT. Set R is a card game played with a

### arxiv: v1 [cs.ds] 24 Oct 2010

Property Testing via Set-Theoretic Operations Victor Chen Madhu Sudan Ning Xie arxiv:1010.4925v1 [cs.ds] 24 Oct 2010 Abstract Given two testable properties P 1 and P 2, under what conditions are the union,

### Mathematics Course 111: Algebra I Part IV: Vector Spaces

Mathematics Course 111: Algebra I Part IV: Vector Spaces D. R. Wilkins Academic Year 1996-7 9 Vector Spaces A vector space over some field K is an algebraic structure consisting of a set V on which are

### Approximation Algorithms

Approximation Algorithms or: How I Learned to Stop Worrying and Deal with NP-Completeness Ong Jit Sheng, Jonathan (A0073924B) March, 2012 Overview Key Results (I) General techniques: Greedy algorithms

### MATH 4330/5330, Fourier Analysis Section 11, The Discrete Fourier Transform

MATH 433/533, Fourier Analysis Section 11, The Discrete Fourier Transform Now, instead of considering functions defined on a continuous domain, like the interval [, 1) or the whole real line R, we wish

### Some Optimal Inapproximability Results

Some Optimal Inapproximability Results JOHAN HÅSTAD Royal Institute of Technology, Stockholm, Sweden Abstract. We prove optimal, up to an arbitrary ɛ>0, inapproximability results for Max-Ek-Sat for k 3,

### The Complexity of Testing Monomials in Multivariate Polynomials

Electronic Colloquium on Computational Complexity, Report No. 114 (2010) The Complexity of Testing Monomials in Multivariate Polynomials Zhixiang Chen and Bin Fu Department of Computer Science University

### Basics of Polynomial Theory

3 Basics of Polynomial Theory 3.1 Polynomial Equations In geodesy and geoinformatics, most observations are related to unknowns parameters through equations of algebraic (polynomial) type. In cases where

### Outline Introduction Circuits PRGs Uniform Derandomization Refs. Derandomization. A Basic Introduction. Antonis Antonopoulos.

Derandomization A Basic Introduction Antonis Antonopoulos CoReLab Seminar National Technical University of Athens 21/3/2011 1 Introduction History & Frame Basic Results 2 Circuits Definitions Basic Properties

### A NOVEL APPROACH FOR VERIFIABLE SECRET SHARING BY USING A ONE WAY HASH FUNCTION

A NOVEL APPROACH FOR VERIFIABLE SECRET SHARING BY Abstract USING A ONE WAY HASH FUNCTION Keyur Parmar & Devesh Jinwala Sardar Vallabhbhai National Institute of Technology, Surat Email : keyur.beit@gmail.com

### Permutation Betting Markets: Singleton Betting with Extra Information

Permutation Betting Markets: Singleton Betting with Extra Information Mohammad Ghodsi Sharif University of Technology ghodsi@sharif.edu Hamid Mahini Sharif University of Technology mahini@ce.sharif.edu

### Learning Noisy Characters, Multiplication Codes, and Cryptographic Hardcore Predicates. Adi Akavia

Learning Noisy Characters, Multiplication Codes, and Cryptographic Hardcore Predicates by Adi Akavia Submitted to the Department of Electrical Engineering and Computer Science in partial fulfillment of

### ! Solve problem to optimality. ! Solve problem in poly-time. ! Solve arbitrary instances of the problem. #-approximation algorithm.

Approximation Algorithms 11 Approximation Algorithms Q Suppose I need to solve an NP-hard problem What should I do? A Theory says you're unlikely to find a poly-time algorithm Must sacrifice one of three

### Sublinear-time and sublinear-space algorithms Error-correcting codes and lattices Computational complexity Learning theory

Elena Grigorescu Education 2006 2010 Ph.D., Massachusetts Institute of Technology, Cambridge, MA. 2004 2006 M.S., Massachusetts Institute of Technology, Cambridge, MA. 2000 2004 B.A., Bard College, Annandale,

### High degree graphs contain large-star factors

High degree graphs contain large-star factors Dedicated to László Lovász, for his 60th birthday Noga Alon Nicholas Wormald Abstract We show that any finite simple graph with minimum degree d contains a

### Differentially Private Analysis of

Title: Name: Affil./Addr. Keywords: SumOriWork: Differentially Private Analysis of Graphs Sofya Raskhodnikova, Adam Smith Pennsylvania State University Graphs, privacy, subgraph counts, degree distribution

### Integer factorization is in P

Integer factorization is in P Yuly Shipilevsky Toronto, Ontario, Canada E-mail address: yulysh2000@yahoo.ca Abstract A polynomial-time algorithm for integer factorization, wherein integer factorization

### 24. The Branch and Bound Method

24. The Branch and Bound Method It has serious practical consequences if it is known that a combinatorial problem is NP-complete. Then one can conclude according to the present state of science that no

### Definition 11.1. Given a graph G on n vertices, we define the following quantities:

Lecture 11 The Lovász ϑ Function 11.1 Perfect graphs We begin with some background on perfect graphs. graphs. First, we define some quantities on Definition 11.1. Given a graph G on n vertices, we define

### (x + a) n = x n + a Z n [x]. Proof. If n is prime then the map

22. A quick primality test Prime numbers are one of the most basic objects in mathematics and one of the most basic questions is to decide which numbers are prime (a clearly related problem is to find

### On the Unique Games Conjecture

On the Unique Games Conjecture Antonios Angelakis National Technical University of Athens June 16, 2015 Antonios Angelakis (NTUA) Theory of Computation June 16, 2015 1 / 20 Overview 1 Introduction 2 Preliminary

### Non-Black-Box Techniques In Crytpography. Thesis for the Ph.D degree Boaz Barak

Non-Black-Box Techniques In Crytpography Introduction Thesis for the Ph.D degree Boaz Barak A computer program (or equivalently, an algorithm) is a list of symbols a finite string. When we interpret a

Approximation Algorithms Chapter Approximation Algorithms Q. Suppose I need to solve an NP-hard problem. What should I do? A. Theory says you're unlikely to find a poly-time algorithm. Must sacrifice one

### ! Solve problem to optimality. ! Solve problem in poly-time. ! Solve arbitrary instances of the problem. !-approximation algorithm.

Approximation Algorithms Chapter Approximation Algorithms Q Suppose I need to solve an NP-hard problem What should I do? A Theory says you're unlikely to find a poly-time algorithm Must sacrifice one of

### Mathematical Induction

Chapter 2 Mathematical Induction 2.1 First Examples Suppose we want to find a simple formula for the sum of the first n odd numbers: 1 + 3 + 5 +... + (2n 1) = n (2k 1). How might we proceed? The most natural

### Prime Numbers and Irreducible Polynomials

Prime Numbers and Irreducible Polynomials M. Ram Murty The similarity between prime numbers and irreducible polynomials has been a dominant theme in the development of number theory and algebraic geometry.

### Approximation Algorithms: LP Relaxation, Rounding, and Randomized Rounding Techniques. My T. Thai

Approximation Algorithms: LP Relaxation, Rounding, and Randomized Rounding Techniques My T. Thai 1 Overview An overview of LP relaxation and rounding method is as follows: 1. Formulate an optimization

### Analysis of Approximation Algorithms for k-set Cover using Factor-Revealing Linear Programs

Analysis of Approximation Algorithms for k-set Cover using Factor-Revealing Linear Programs Stavros Athanassopoulos, Ioannis Caragiannis, and Christos Kaklamanis Research Academic Computer Technology Institute

### Concrete Security of the Blum-Blum-Shub Pseudorandom Generator

Appears in Cryptography and Coding: 10th IMA International Conference, Lecture Notes in Computer Science 3796 (2005) 355 375. Springer-Verlag. Concrete Security of the Blum-Blum-Shub Pseudorandom Generator

### Theory of Computation Prof. Kamala Krithivasan Department of Computer Science and Engineering Indian Institute of Technology, Madras

Theory of Computation Prof. Kamala Krithivasan Department of Computer Science and Engineering Indian Institute of Technology, Madras Lecture No. # 31 Recursive Sets, Recursively Innumerable Sets, Encoding

### Lecture 3: Finding integer solutions to systems of linear equations

Lecture 3: Finding integer solutions to systems of linear equations Algorithmic Number Theory (Fall 2014) Rutgers University Swastik Kopparty Scribe: Abhishek Bhrushundi 1 Overview The goal of this lecture

### Lecture 8: Applications of Quantum Fourier transform

Department of Physical Sciences, University of Helsinki http://theory.physics.helsinki.fi/ quantumgas/ p. 1/25 Quantum information and computing Lecture 8: Applications of Quantum Fourier transform Jani-Petri

### On the representability of the bi-uniform matroid

On the representability of the bi-uniform matroid Simeon Ball, Carles Padró, Zsuzsa Weiner and Chaoping Xing August 3, 2012 Abstract Every bi-uniform matroid is representable over all sufficiently large

### Victor Shoup Avi Rubin. fshoup,rubing@bellcore.com. Abstract

Session Key Distribution Using Smart Cards Victor Shoup Avi Rubin Bellcore, 445 South St., Morristown, NJ 07960 fshoup,rubing@bellcore.com Abstract In this paper, we investigate a method by which smart

### The Challenger-Solver game: Variations on the theme of P =?NP

The Challenger-Solver game: Variations on the theme of P =?NP Yuri Gurevich Electrical Engineering and Computer Science Department University of Michigan, Ann Arbor, MI 48109, U.S.A. Logic in Computer

Adaptive Online Gradient Descent Peter L Bartlett Division of Computer Science Department of Statistics UC Berkeley Berkeley, CA 94709 bartlett@csberkeleyedu Elad Hazan IBM Almaden Research Center 650