Pseudorandomness Basic Derandomization Techniques, Lecture Notes - Computer Science, Study notes of Number Theory

Prof. Salil Vadhan, Computer Science, Pseudorandomness Basic Derandomization Techniques, Enumeration, Nonconstructive Derandomization , Nonuniform Derandomization, Nondeterminism, Harvard, Lecture Notes

Typology: Study notes

2010/2011

Uploaded on 10/26/2011

thecoral
thecoral 🇺🇸

4.5

(30)

395 documents

1 / 6

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
CS225: Pseudorandomness Prof. Salil Vadhan
Lecture 5: Basic Derandomization Techniques
February 15, 2007
Based on scribe notes by Arthur Rudolph and Chun-Yun Hsiao.
1 Recap
Over the past few lectures, we have discussed some striking examples of the power of randomness
for the design of efficient algorithms:
Identity Testing in co-RP.
ε-Approx #DNF in prBPP.
Perfect Matching in RNC.
Undirected S-T Connectivity in RL.
Large Cut in probabilistic polynomial time.
This is of course only a small sample; there are entire courses on ways of exploiting randomness in
computation (e.g. CS223, CS 224r, MIT 6.856). One topic in particular we omitted is the usefulness
of randomness for verifying proofs. Recall that NP is the class of language having membership
proofs that can be verified in P. Thus it is natural to consider proof verification that is probabilistic,
leading to the class MA, as well as a larger class AM, where the proof itself can depend on the
randomness chosen by the verifier. (These are both subclasses of the class IP of languages having
interactive proof systems.) There are languages, such as Graph Nonisomorphism, that are in AM
but are not known to be in NP. “Derandomizing” these proof systems (e.g. proving AM =NP)
would mean showing that Graph Nonisomorphism is in NP, i.e. there are short proofs that two
graphs are nonisomorphic. You can read more about interactive proofs in the lecture notes from
Spring 2004.
In the rest of the course, we will turn towards derandomization trying to remove the randomness
from these algorithms. We will achieve this for some of the specific algorithms we studied, and also
attack the larger questions of whether all efficient randomized algorithms can be derandomized,
e.g. does BPP =P?RL =L?, RNC =NC?
Over the next couple of lectures, we will introduce a variety of “basic” derandomization techniques.
These will be deficient in that they either are infeasible (e.g. cannot be carried in polynomial time)
or very specialized (e.g. apply only in very specific circumstances). But it will be useful to have
these as tools before we proceed to study more sophisticated pseudorandom ob jects.
1
pf3
pf4
pf5

Partial preview of the text

Download Pseudorandomness Basic Derandomization Techniques, Lecture Notes - Computer Science and more Study notes Number Theory in PDF only on Docsity!

CS225: Pseudorandomness Prof. Salil Vadhan

Lecture 5: Basic Derandomization Techniques

February 15, 2007

Based on scribe notes by Arthur Rudolph and Chun-Yun Hsiao.

1 Recap

Over the past few lectures, we have discussed some striking examples of the power of randomness for the design of efficient algorithms:

  • Identity Testing in co-RP.
  • ε-Approx #DNF in prBPP.
  • Perfect Matching in RNC.
  • Undirected S-T Connectivity in RL.
  • Large Cut in probabilistic polynomial time.

This is of course only a small sample; there are entire courses on ways of exploiting randomness in computation (e.g. CS223, CS 224r, MIT 6.856). One topic in particular we omitted is the usefulness of randomness for verifying proofs. Recall that NP is the class of language having membership proofs that can be verified in P. Thus it is natural to consider proof verification that is probabilistic, leading to the class MA, as well as a larger class AM, where the proof itself can depend on the randomness chosen by the verifier. (These are both subclasses of the class IP of languages having interactive proof systems.) There are languages, such as Graph Nonisomorphism, that are in AM but are not known to be in NP. “Derandomizing” these proof systems (e.g. proving AM = NP) would mean showing that Graph Nonisomorphism is in NP, i.e. there are short proofs that two graphs are nonisomorphic. You can read more about interactive proofs in the lecture notes from Spring 2004.

In the rest of the course, we will turn towards derandomization — trying to remove the randomness from these algorithms. We will achieve this for some of the specific algorithms we studied, and also attack the larger questions of whether all efficient randomized algorithms can be derandomized, e.g. does BPP = P? RL = L?, RNC = NC?

Over the next couple of lectures, we will introduce a variety of “basic” derandomization techniques. These will be deficient in that they either are infeasible (e.g. cannot be carried in polynomial time) or very specialized (e.g. apply only in very specific circumstances). But it will be useful to have these as tools before we proceed to study more sophisticated pseudorandom objects.

2 Enumeration

We are interested in how much savings randomization provides. One way of asking this is to try to find the smallest possible upper bound on the deterministic time complexity of languages in BPP.

Definition 1

DTIME(t(n)) = {L : L can be decided deterministically in time O(t(n))} P = ∪cDTIME(nc) P^ ˜ = ∪cDTIME(2(log^ n)c ) SUBEXP = ∩εDTIME(2n ε ) EXP = ∪cDTIME(2n

c )

The “Time Hierarchy Theorem” (found in any complexity text, e.g. Sipser) implies that all of these classes are distinct, i.e. P ( P˜ ( SUBEXP ( EXP. More generally, it says that DTIME(o(t(n)/ log t(n))) ( DTIME(t(n)) for any efficiently computable time bound t. (What is difficult in complexity theory is separating classes that involve different computational resources, like determinstic time vs. nondeterministic time.)

Enumeration enables us to deterministically simulate any randomized algorithm with an exponential slowdown.

Proposition 2 BPP ⊆ EXP.

Proof: If L is in BPP, then there is a probabilistic polynomial-time algorithm for A running in time t(n) for some polynomial t. As an upper bound, A uses at most t(n) random bits. We can view A as a deterministic algorithm on two inputs — its regular input x and its coin tosses r. We’ll write A(x; r) for A’s output.

Pr[A(x; r) accepts] =

2 t(n)

r∈{ 0 , 1 }t(n)

A(x; r)

We can compute the right-hand side of that expression in deterministic time 2t(n)^ · t(n).

We see that the enumeration method is general in that it applies to all BPP algorithms, but it is infeasible (taking exponential time). However, if the algorithm only uses a small number of random bits, it becomes feasible:

Proposition 3 If L has a probabilistic polynomial-time algorithm that runs in time t(n) and uses r(n) random bits, then L ∈ DTIME(t(n) · 2 r(n)). In particular, if t(n) = poly(n) and r(n) = O(log n), then L ∈ P.

Open Problem 4 Is BPP closer to P or EXP? Is BPP ⊆ P˜? Is BPP ⊆ SUBEXP?

Open Problem 7 Can we construct such a universal traversal sequence explicitly (e.g. in poly- nomial time or even logarithmic space)?

The best known explicit construction of a universal traversal sequence has length (and time) nO(log^ n). The methods underlying the recent deterministic logspace algorithm for Undirected S-T Connectivity (which we will cover) also yield universal traversal sequences that work on graphs where the labelling of edges satisfy a certain ‘consistency’ condition. Removing this con- sistency condition seems to be the main obstacle towards proving RL = L in general using those methods.

We now cast the nonconstructive derandomizations provided by Proposition 5 in the language of ‘nonuniform’ complexity classes.

Definition 8 Let C be a class of languages, and a : N → N be a function. Then C/a is a class of languages defined as follows: L ∈ C/a if there exists L′^ ∈ C, and α 1 , α 2 ,... ∈ { 0 , 1 }∗^ with |αn| ≤ a(n), such that x ∈ L ⇔ (x, α|x|) ∈ L′. The α’s are called the advice strings.

One of the most natural nonuniform class is P/poly def =

c P/n

c. That is, polynomial time with

polynomial advice. A basic result in complexity theory is that P/poly is exactly the class of languages that can be decided by polynomial-sized Boolean circuits. (A language L is decided by a family of polynomial-sized Boolean circuits {Cn}n∈N, where |Cn| ≤ p(n) for some polynomial p, if for all n, Cn : { 0 , 1 }n^ → { 0 , 1 } decides L ∩ { 0 , 1 }n.) Although P/poly contains undecidable problems,^1 people generally believe that NP 6 ⊆ P/poly, and indeed trying to prove lower bounds on circuit size is one of the main approaches to proving P 6 = NP, since circuits seem much more concrete and combinatorial than Turing machines. (However this has turned out to be quite difficult; the best circuit lower bound known for computing an explicit function is roughly 4.5n.)

Proposition 5 directly implies:

Corollary 9 BPP ⊂ P/poly.

A more general meta-theorem is that “nonuniformity is more powerful than randomness.”

4 Nondeterminism

Although somewhat unrealistic, nondeterminism is considered as a powerful resource in complexity theory. Assuming we have this resource, can we guess a “good” random string and then do the computation deterministically? How do we check if a string is good or not? For classes with one-sided error, nondeterminism is more powerful than randomness.

Proposition 10 RP ⊆ NP.

(^1) Consider the unary version of halting problem, the advice string αn is simply a bit that tells us whether the n’th Turing machine halts or not.

Proof:

In contrast, we do not know whether BPP is contained in NP. Indeed, it is consistent with current knowledge that BPP = NEXP! Nevertheless, assuming P = NP (in some sense, assuming nondeterminism is “cheap”), we can show that P = BPP.

Theorem 11 If P = NP, then P = BPP.

Proof Idea: Let L ∈ BPP, express membership in L using two quantifiers. That is, for some polynomial-time predicate P ,

x ∈ L ⇐⇒ ∃y∀z P (x, y, z)

Assuming P = NP, we can replace ∀z P (x, y, z) by a polynomial-time predicate Q(x, y), because {(x, y) : ∀z P (x, y, z)} ∈ co-NP = P. Then L = {x : ∃y Q(x, y)} ∈ NP = P. Fix a randomized algorithm A for a BPP language L, and assume, w.l.o.g., that its error probability is smaller than 2−n^ and it uses m = poly(n) coin tosses. Let Zx ⊂ { 0 , 1 }m^ be the set of coin tosses r for which A(x; r) = 0. We will show that if x is in L, there exist m points in { 0 , 1 }m^ such that no “translation” of Zx covers all the points. Intuitively, this should be possible because Zx is an exponentially small fraction of { 0 , 1 }m^. On the other hand if x /∈ L, then for any m points in { 0 , 1 }m^ , we will show that there is a “translation” of Zx that covers all the points. Intuitively, this should be possible because Zx covers all but an exponentially small fraction of { 0 , 1 }m^.

Proof: Let s ∈ { 0 , 1 }m^ , and define “translation of Zx” as Zx ⊕ s = {b ⊕ s : b ∈ Zx}. We will show

x ∈ L ⇒ ∃r 1 , r 2 ,... , rm ∈ { 0 , 1 }m^ ∀s ∈ { 0 , 1 }m^ ¬

∧^ m

i=

(ri ∈ Zx ⊕ s)

⇔ ∃r 1 , r 2 ,... , rm ∈ { 0 , 1 }m^ ∀s ∈ { 0 , 1 }m^ ¬

∧^ m

i=

(A(x; ri ⊕ s) = 0) ;

x /∈ L ⇒ ∀r 1 , r 2 ,... , rm ∈ { 0 , 1 }m^ ∃s ∈ { 0 , 1 }m

∧m

i=

(ri ∈ Zx ⊕ s)

⇔ ∀r 1 , r 2 ,... , rm ∈ { 0 , 1 }m^ ∃s ∈ { 0 , 1 }m

∧m

i=

(A(x; ri ⊕ s) = 0).

We prove both parts by the Probabilistic Method.

x ∈ L: Choose R 1 , R 2 ,... , Rm R ← { 0 , 1 }m. Then, for every fixed s, we have

Pr[Ri ∈ Zx ⊕ s] < 2 −n^ ⇒ Pr

[

i

(Ri ∈ Zx ⊕ s)

]

< 2 −nm.