Download Introduction to the Theory of Computation Chapter 10.2

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
page
37
page
38
page
39
page
40
page
41
page
42
page
43
page
44
page
45
page
46
page
47
page
48
page
49
page
50
page
51
page
52
page
53
page
54
page
55
page
56
page
57
page
58
page
59
Document related concepts

Turing's proof wikipedia , lookup

List of prime numbers wikipedia , lookup

Georg Cantor's first set theory article wikipedia , lookup

List of important publications in mathematics wikipedia , lookup

Fundamental theorem of calculus wikipedia , lookup

Polynomial wikipedia , lookup

Mathematical proof wikipedia , lookup

Brouwer fixed-point theorem wikipedia , lookup

Law of large numbers wikipedia , lookup

Central limit theorem wikipedia , lookup

Four color theorem wikipedia , lookup

Algorithm wikipedia , lookup

System of polynomial equations wikipedia , lookup

Fermat's Last Theorem wikipedia , lookup

Theorem wikipedia , lookup

Vincent's theorem wikipedia , lookup

Factorization wikipedia , lookup

Wiles's proof of Fermat's Last Theorem wikipedia , lookup

Quadratic reciprocity wikipedia , lookup

Factorization of polynomials over finite fields wikipedia , lookup

Fundamental theorem of algebra wikipedia , lookup

Proofs of Fermat's little theorem wikipedia , lookup

Transcript 
Introduction to the Theory of Computation
Chapter 10.2
Takagi Lab. M1
Sho Nishimura
Outline
• Probabilistic algorithms,
probabilistic Turing machines,
and complexity class BPP
• Example of probabilistic algorithms :
primality test
• Example of probabilistic algorithms :
equivalence of read-once branching programs
Probabilistic algorithms
• A probabilistic algorithm:
designed to use the outcome of a random
process
– Some problems seem to be more easily solvable
by probabilistic algorithms
than by deterministic algorithms
A Probabilistic Turing Machine
• Def 10.3: a probabilistic Turing machine 𝑀
– A type of nondeterministic TM in which each
nondeterministic step is called a coin-flip step and
has TWO legal next moves.
• The probability of branch 𝑏:Pr 𝑏 = 2−𝑘
(𝑘: the number of coin-flip steps)
– The probability that 𝑀 accepts the input 𝑤:
Pr 𝑀 𝑎𝑐𝑐𝑒𝑝𝑡𝑠 𝑤 =
Pr[𝑏]
𝑏 𝑖𝑠
𝑎𝑛 𝑎𝑐𝑐𝑒𝑝𝑡𝑖𝑛𝑔 𝑏𝑟𝑎𝑛𝑐ℎ
• Of course, the probability that 𝑀 rejects the input 𝑤
is the complementary event of this
A Probabilistic Turing Machine
A Probabilistic Turing Machine
• accept/reject: error probability 𝜖 0 ≤ 𝜖 <
• “𝑀 recognizes language 𝐴 with error
probability 𝜖”:
1. 𝑤 ∈ 𝐴 → Pr 𝑀 𝑎𝑐𝑐𝑒𝑝𝑡𝑠 𝑤 ≥ 1 − 𝜖
2. 𝑤 ∉ 𝐴 → Pr 𝑀 𝑟𝑒𝑗𝑒𝑐𝑡𝑠 𝑤 ≥ 1 − 𝜖
1
2
Class BPP
• Def 10.4: class BPP
– BPP is the class of languages that are recognized
by probabilistic polynomial Turing machines with
1
an error probability of .
3
Actually, any constant error probability(0 < 𝜖 <
would yield an equivalent definition.
1
)
2
Lemma 10.5:Amplification Lemma
• Lemma 10.5:Amplification Lemma
– 𝜖: a fixed constant strictly between 0 and
1
2
– For any polynomial 𝑝𝑜𝑙𝑦 𝑛 , a probabilistic
polynomial time TM 𝑀1 that operates with error
probability 𝜖 has an equivalent probabilistic
polynomial time TM 𝑀2 that operates with an
error probability of 2−𝑝𝑜𝑙𝑦 𝑛 .
Lemma 10.5:Amplification Lemma
• How to prove Lemma 10.5?
– 𝑀2 simulates 𝑀1 by running 𝑀1 polynomial times
and taking the majority vote of outcomes.
• Error rate decreases exponentially.
Lemma 10.5:Amplification Lemma
(Formal proof)
• 𝑀1 (error prob.:𝜖
1
< ), a polynomial
2
−𝑝𝑜𝑙𝑦 𝑛
→ 𝑀2 (error prob.:2
𝑝𝑜𝑙𝑦(𝑛)
)
– 𝑀2 =“ On input 𝑥,
1. Calculate 𝑘 (describe later)
2. Run 2𝑘 independent simulations of 𝑀1 on input 𝑥
3. If most accept, then accept; otherwise reject.
Lemma 10.5:Amplification Lemma
(Formal proof)
• How to calculate 𝑘(boundary)?
– 𝑆: any sequence of results 𝑀2 might obtain in
Stage 2
• 𝑝𝑆 : probability 𝑆 is obtained
• 𝑐: correct results, 𝑤: wrong results(𝑐 + 𝑤 = 2𝑘)
• 𝑆 is a bad sequence if 𝑐 ≤ 𝑤
– 𝜖𝑥 : the probability 𝑀1 is wrong on input 𝑥
– →If 𝑆 is a bad sequence, then
𝑝𝑠 ≤ 𝜖𝑥 𝑤 1 − 𝜖𝑥 𝑐
Lemma 10.5:Amplification Lemma
(Formal proof)
• How to calculate 𝑘(boundary)?
– If 𝑆 is a bad sequence, then
𝑝𝑠 ≤ 𝜖𝑥 𝑤 1 − 𝜖𝑥
≤ 𝜖𝑤 1 − 𝜖 𝑐
𝑐
1
2
• 𝜖𝑥 ≤ 𝜖 < and 𝑐 ≤ 𝑤
therefore 𝜖𝑥 1 − 𝜖𝑥 ≤ 𝜖(1 − 𝜖)
– Also,
𝑝𝑠 ≤ 𝜖 𝑤 1 − 𝜖
• 𝑘 ≤ 𝑤 and 𝜖 < 1 − 𝜖
𝑐
≤ 𝜖𝑘 1 − 𝜖
𝑘
Lemma 10.5:Amplification Lemma
(Formal proof)
• How to calculate 𝑘(boundary)?
– The number of bad sequences are at most 22𝑘
– Therefore,
Pr 𝑀2 𝑜𝑢𝑡𝑝𝑢𝑡𝑠 𝑖𝑛𝑐𝑜𝑟𝑟𝑒𝑐𝑡𝑙𝑦 𝑜𝑛 𝑖𝑛𝑝𝑢𝑡 𝑥
=
𝑝𝑠
𝑏𝑎𝑑 𝑆
2𝑘
≤2
𝑘
⋅𝜖 1−𝜖
𝑘
= 4𝜖 1 − 𝜖
𝑘
• This upper bound decreases exponentially in 𝑘
– Because 4𝜖 1 − 𝜖 < 1
– Specific value that allows us to bound the error probability
by 2−𝑡 :
𝑡
𝑘≥
log 2 (4𝜖(1 − 𝜖))
(QED)
Primality
• A prime number ↔ A composite
– Testing whether a integer is prime or not
• A polynomial time algorithm is now known
(“AKS primality test”) but difficult
• A much simpler probabilistic polynomial time algorithm
for primality testing
• A number= ∏factors
– No probabilistic polynomial algorithm for finding
factors is known to exist
• The algorithm is based on
“Fermat’s little theorem”.(Theorem 10.6)
Primality
• Notations
– “𝑥 and 𝑦 are equivalent modulo 𝑝”:
𝑥 ≡ 𝑦(mod 𝑝)
• 𝑥 mod 𝑝: the smallest nonnegative 𝑦 such that
𝑥 ≡ 𝑦(mod 𝑝)
– Every number is equivalent modulo 𝑝 to
some member of the set 𝑍𝑝+ = {0, … , 𝑝 − 1}
• 𝑍𝑝 = {1, … , 𝑝 − 1}
• If 𝑥 ≡ 𝑝 − 1(mod 𝑝), then we may refer 𝑥 as
𝑥 ≡ −1(mod 𝑝)
Theorem 10.6:Fermat’s Little Theorem
• Theorem 10.6:Fermat’s little theorem
– If 𝑝: prime, and 𝑎 ∈ 𝑍𝑝+
– Then 𝑎𝑝−1 ≡ 1(mod 𝑝)
• Example
– 𝑝 = 7, 𝑎 = 2 → 27−1 = 64 ≡ 1(mod 7)
– 𝑝 = 6, 𝑎 = 2 → 26−1 = 32 ≡ 2(mod 6)
Fermat’s Little Theorem, pseudoprimes,
and the Carmichael numbers
• A Fermat test
– If 𝑎𝑝−1 ≡ 1(mod 𝑝), then we say
𝑝 passes the Fermat test at 𝑎
• Some composites pass this test.
– Pseudoprimes
– The Carmichael numbers
Correct definition of
Pseudoprime and the Carmichael numbers
• Pseudoprime
– a composite number that passes a test or
sequence of tests that fail for most composite
numbers
– c.f. Fermat pseudoprime to a base 𝑎(𝑝𝑠𝑝(𝑎))
• A composite 𝑛 such that 𝑎𝑛−1 ≡ 1(mod 𝑛)
• The Carmichael number
– An odd composite 𝑛 which satisfies Fermat’s little
theorem for every choice of 𝑎 which is relatively
prime to 𝑛
Reference: Wolfram Mathworld
http://mathworld.wolfram.com/
Algorithm “PSEUDOPRIME”
• Go through all Fermat tests?
→would require exponential time
• How to reduce the number of tests?
– “If a number is not pseudoprime, it fails at least
half of all tests.”(c.f. Problem 10.16)
• Probabilistic algorithm containing a parameter
𝑘 that determines the error probability
Algorithm “PSEUDOPRIME”
• PSEUDOPRIME = “On input 𝑝:
1. Select 𝑎1 , … , 𝑎𝑘 randomly in 𝑍𝑝+
𝑝−1
2. Compute 𝑎𝑖 mod 𝑝 for each 𝑖
3. If all computed values are 1, then accept;
otherwise, reject”
• Works properly?
– 𝑝 is prime→passes all tests and accept
– 𝑝 is not pseudoprime
→it passes at most half of all tests
1
• Probability it passes each test≤
2
• Probability it passes all random-selected tests≤ 2−𝑘
• Time complexity?: polynomial
Algorithm “PSEUDOPRIME”
• Eg. Check primality of 𝑝 = 17,18
(𝑘 = 4)
– 𝑝 = 17
1. 𝑎1 = 2, 𝑎2 = 3, 𝑎3 = 5, 𝑎4 = 7
2. 𝑎116 ≡ 1, 𝑎216 ≡ 1, 𝑎316 ≡ 1, 𝑎416 ≡ 1(mod 17)
3. Accept
– 𝑝 = 18
1. 𝑎1 = 2, 𝑎2 = 3, 𝑎3 = 5, 𝑎4 = 7
2. 𝑎117 ≡ 14, 𝑎217 ≡ 9, 𝑎317 ≡ 11, 𝑎417 ≡ 13(mod 18)
3. Reject
Algorithm “PSEUDOPRIME”
• Eg. Check primality of
𝑝 = 2821 = 7 × 13 × 31(𝑘 = 3)
1. 𝑎1 = 2, 𝑎2 = 3, 𝑎3 = 5
2. 22820 ≡ 1, 32820 ≡ 1, 52820 ≡ 1(mod 2821)
3. Accept……?
Actually, 2821 is one of the Carmichael numbers.
72820 ≡ 2016, 132820 ≡ 2171,
312820 ≡ 1457(mod 2821)
Improve “PSEUDOPRIME”
• How to deal with the Carmichael numbers?
– Number 1 has exactly two square roots
±1 modulo any prime 𝑝
– For composites, 1 has 4 or more square roots
• Eg.±1, ±8 are the square roots of 1, modulo 21
• If 𝑝 passes the Fermat test at 𝑎, we can obtain
a square root of 1 from 𝑎
– 𝑎𝑝−1 mod 𝑝 = 1
𝑝−1
2
mod 𝑝
Algorithm “PRIME”
• PRIME = “ On input 𝑝,
1. If 𝑝 is even, accept if 𝑝 = 2; otherwise, reject
2. Select 𝑎1 , … , 𝑎𝑘 randomly in 𝑍𝑝+
3. For each 𝑖 from 1 to 𝑘:
𝑝−1
4. Compute 𝑎𝑖
mod 𝑝 and reject if different from 1
5. Let 𝑝 − 1 = 𝑠𝑡 where 𝑠 is odd and 𝑡 = 2ℎ
𝑠⋅20 𝑠⋅21
𝑠⋅2ℎ
𝑎𝑖 , 𝑎𝑖 , … , 𝑎𝑖
6. Compute the sequence
modulo 𝑝
7. If some of the sequence is not 1, find the last element
that is not 1 and reject if it is not -1
8. All tests passed, so accept”
Algorithm “PRIME”
• Example(𝑝 = 2741, 𝑘 = 1)
– 𝑎1 = 2 is selected, 2741 passes Fermat test at 2:
22740 ≡ 1(mod 2741)
– 2741 − 1 = 685 × 22 (𝑠 = 685, 𝑡 = 4, ℎ = 2)
– The sequence:
2685 ≡ 656,
1
685×2
2
≡ 2740 ≡ −1,
2
685×2
2
≡ 1(mod 2741)
1
• The last element that is not 1 is “2685×2 modulo 2741”,
which is −1.
– Therefore accept
Algorithm “PRIME”
• Example(𝑝 = 2821, 𝑘 = 1)
– 𝑎1 = 2 is selected, 2821 passes Fermat test at 2.
– 2821 − 1 = 705 × 22 (𝑠 = 705, 𝑡 = 4, ℎ = 2)
– The sequence:
2705 ≡ 2605,
705×21
2
≡ 1520,
2
705×2
2
≡ 1(mod 2821)
– Therefore reject
Algorithm “PRIME”
• Works correctly?
– If 𝑝 is even, obviously it works
– Theorem 10.7:
If 𝑝 is an odd prime number,
Pr 𝑃𝑅𝐼𝑀𝐸 𝑎𝑐𝑐𝑒𝑝𝑡𝑠 𝑝 = 1
– Theorem 10.8:
If 𝑝 is an odd composite number,
Pr 𝑃𝑅𝐼𝑀𝐸 𝑎𝑐𝑐𝑒𝑝𝑡𝑠 𝑝 ≤ 2−𝑘
• 𝑎𝑖 is a (compositeness) witness
– if the algorithm rejects at either stage 4 or 7, using
𝑎𝑖
Theorem 10.7(proof)
• If 𝑎 were a stage 4 witness, 𝑝 is composite
(Fermat’s little theorem)
• If 𝑎 were a stage 7 witness?
∃𝑏 ∈ 𝑍𝑝+ 𝑠. 𝑡. 𝑏 ≢ 1 mod 𝑝 𝑎𝑛𝑑 𝑏 2 ≡ 1(mod 𝑝)
Therefore 𝑏 2 − 1 ≡ 0(mod 𝑝)
Factor this: (𝑏 + 1)(𝑏 − 1) ≡ 0(mod 𝑝)
Which implies: 𝑏 + 1 𝑏 − 1 = 𝑐𝑝
(𝑐: some positive integer)
– 𝑏 − 1, 𝑏 + 1: strictly between 0 and 𝑝(𝑏 ≢ 1 mod 𝑝 )
– A multiple of prime can’t be expressed as a product of
numbers that are smaller than it is.
– Therefore 𝑝 is composite.
–
–
–
–
The Chinese Remainder Theorem
• The Chinese remainder theorem
– If 𝑝 and 𝑞 are relatively prime,
a one-to-one correspondence between
𝑍𝑝𝑞 and 𝑍𝑝 × 𝑍𝑞 exists
• Each number 𝑟 ∈ 𝑍𝑝𝑞 corresponds to a pair 𝑎, 𝑏
where 𝑎 ∈ 𝑍𝑝 , 𝑏 ∈ 𝑍𝑞 such that
𝑟 ≡ 𝑎 mod 𝑝 , 𝑟 ≡ 𝑏 mod 𝑞
Theorem 10.8
• Theorem 10.8
– If 𝑝 is an odd composite number,
Pr 𝑃𝑅𝐼𝑀𝐸 𝑎𝑐𝑐𝑒𝑝𝑡𝑠 𝑝 ≤ 2−𝑘
Theorem 10.8(proof)
• We show:
if 𝑝 is an odd composite number and 𝑎 is
selected randomly in 𝑍𝑃+ ,
1
Pr 𝑎 𝑖𝑠 𝑎 𝑤𝑖𝑡𝑛𝑒𝑠𝑠 ≥
2
– At least as many witnesses as non-witnesses exist
in 𝑍𝑝+
• By finding a unique witness for each non-witness.
• If above is proved,
Pr 𝑃𝑅𝐼𝑀𝐸 𝑎𝑐𝑐𝑒𝑝𝑡𝑠 𝑝 ≤ 2−𝑘
is obvious.
Theorem 10.8(proof)
• In every non-witness, the sequence(stage 6):
all 1s
/ contains -1 at some position followed by 1s
– Among all non-witnesses of the second kind, find
a non-witness ℎ for which the -1 appears in the
largest position 𝑗 in the sequence.
(position for first element: 0)
•
𝑗
𝑠⋅2
ℎ
≡ −1(mod 𝑝)
Theorem 10.8(proof)
• 𝑝:composite→
𝑝: the power of a prime
/ 𝑝 = 𝑞𝑟 (𝑞, 𝑟: relatively prime)
• According to the Chinese remainder theorem:
some number 𝑡 ∈ 𝑍𝑝 whereby
𝑡 ≡ ℎ mod 𝑞 , 𝑡 ≡ 1(mod 𝑟)
• Therefore
𝑠⋅2𝑗
𝑠⋅2𝑗
𝑡
≡ −1 mod 𝑞 , 𝑡
≡ 1(mod 𝑟)
• Hence 𝑡 is a witness.
–𝑡
𝑠⋅2𝑗
≢ ±1 mod 𝑝 , 𝑡
𝑠⋅2𝑗+1
≡ 1(mod 𝑝)
Theorem 10.8(proof)
• One witness 𝑡 → more witnesses?
– 𝑑𝑡 mod 𝑝 is a unique witness for each nonwitness 𝑑
• Really a witness?: 𝑑 is a non-witness, therefore
𝑗
𝑗+1
𝑠⋅2
𝑠⋅2
𝑑
≡ ±1, 𝑑
≡ 1 mod 𝑝
𝑗
𝑗+1
𝑠⋅2
𝑠⋅2
(𝑑𝑡) ≢ ±1, (𝑑𝑡)
≡ 1 mod 𝑝
• Unique?: 𝑑1 , 𝑑2 are distinct non-witnesses,
𝑑1 𝑡 mod 𝑝 ≠ 𝑑2 𝑡 mod 𝑝
– 𝑡 𝑠⋅2
𝑗+1
≡ 𝑡 ⋅ 𝑡 𝑠⋅2
𝑗+1 −1
≡ 1(mod 𝑝)
if 𝑡𝑑1 ≡ 𝑡𝑑2 (mod 𝑝), then
𝑗+1 −1
𝑗+1 −1
𝑠⋅2
𝑠⋅2
𝑑1 = 𝑡𝑑1 ⋅ 𝑡
mod 𝑝 = 𝑡𝑑2 ⋅ 𝑡
mod 𝑝 = 𝑑2
Theorem 10.8(proof)
• 𝑝:composite→
𝑝: the power of a prime
/ 𝑝 = 𝑞𝑟 (𝑞, 𝑟: relatively prime)
– 𝑝 = 𝑞 𝑒 where 𝑞 is prime and 𝑒 > 1
– Let 𝑡 = 1 + 𝑞 𝑒−1 , and expanding 𝑡 𝑝 using the
binomial theorem,
𝑡 𝑝 = 1 + 𝑞 𝑒−1 𝑝 = 1 + 𝑝𝑞 𝑒−1
+𝑚𝑢𝑙𝑡𝑖𝑝𝑙𝑒𝑠 𝑜𝑓 ℎ𝑖𝑔ℎ𝑒𝑟 𝑝𝑜𝑤𝑒𝑟𝑠 𝑜𝑓 𝑞 𝑒−1
– This is equivalent to 1 mod 𝑝
– Therefore 𝑡 is a witness.
(QED)
PRIMES ∈ BPP
• PRIMES={𝑛| 𝑛 is a prime number in binary}
• Theorem 10.9: 𝑃𝑅𝐼𝑀𝐸𝑆 ∈BPP
One-sided error
• The algorithm “PRIME” has one-sided error
– When the algorithm rejects
→ the input is 100% composite.
– When the algorithm accepts
→ there may be incorrect answer
• One-sided error is a common feature in
probabilistic algorithms
– Special complexity class “RP” is designated
Class RP
• Definition 10.10: Class RP
– RP is the class of languages that are recognized by
probabilistic polynomial time Turing machine
where inputs in the language are accepted with a
1
probability of at least and inputs not in the
2
language are rejected with a probability of 1.
• Ex. COMPOSITES ∈ RP
Branching Programs
• A branching program
– Model of computation used in complexity theory
and in certain practical areas(ex. CAD).
– Testing whether two branching programs are
equivalent
• Generally it is coNP-complete
• A certain restriction on the class of branching programs
→a probabilistic polynomial time algorithm for testing
equivalence
Branching Programs
• Definition 10.11: A branching program
– A branching program is a directed acyclicgraph
where all nodes are labeled by variables, except
for two output nodes labeled 0 or 1. The nodes
that are labeled by variables are called query
nodes. Every query node has two outgoing edges,
one labeled 0 and the other labeled 1. Both
output nodes have no outgoing edges. One of the
nodes in a branching program is designated the
start node.
Read-once Branching Programs
• A read-once branching program
– A branching program that can query each variable
at most one time on every directed path from the
start node to an output node
Read-once Branching Programs
Theorem 10.13
• 𝐸𝑄𝑅𝑂𝐵𝑃 ={ 𝐵1 , 𝐵2 |𝐵1 and 𝐵2 are equivalent
read-once branching programs}
• Theorem 10.13
– 𝐸𝑄𝑅𝑂𝐵𝑃 ∈ BPP
Theorem 10.13
• Proof idea
– “Assign random values to the variables 𝑥1 , … , 𝑥𝑚 ,
and accept if 𝐵1 and 𝐵2 agree on the
assignment“?
• If 𝐵1 and 𝐵2 disagree only on a single assignment out of
the 2𝑚 possible assignments?
→this doesn’t work.
– “Randomly select a non-Boolean assignment to
the variables and evaluate 𝐵1 and 𝐵2 in a suitably
defined manner”
Theorem 10.3(proof)
• Assign polynomials over 𝑥1 , … , 𝑥𝑚 to the
nodes/edges of a read-once branching
program 𝐵
– Start node: assign the constant function 1
– A node labeled 𝑥 has been assigned polynomial 𝑝
→outgoing 1-edge: assign the polynomial 𝑥𝑝,
outgoing 0-edge: assign the polynomial 1 − 𝑥 𝑝
– A node: assign the sum of the polynomials of the
incoming edges
– 𝐵 itself: assign
the polynomial of the output node 1
Theorem 10.13(proof)
𝑝=1
𝑝=
1 − 𝑥1
𝑝=
1 − 𝑥1
(1 − 𝑥2 )
𝑝 = 𝑥1
𝑝 = 𝑥1
(1 − 𝑥2 )
𝑝 = 1 − 𝑥1 1 − 𝑥2 𝑥3
+𝑥1 1 − 𝑥2 𝑥3 + 𝑥1 𝑥2
Theorem 10.13(proof)
• ℱ: a finite field with at least 3𝑚 elements
• Algorithm:
𝐷 =“On input 𝐵1 , 𝐵2 :
1. Select elements 𝑎1 , … , 𝑎𝑚 randomly from ℱ
2. Evaluate the assigned polynomials 𝑝1 , 𝑝2 at 𝑎1
through 𝑎𝑚
3. If 𝑝1 𝑎1 , … , 𝑎𝑚 = 𝑝2 𝑎1 , … , 𝑎𝑚 then accept;
otherwise reject
• This runs in polynomial time
• Error probability: at
1
most
3
Theorem 10.13(proof)
• Relation between a read-once branching
program 𝐵 and the assigned polynomial 𝑝?
– For any Boolean assignments to 𝐵’s variables, all
polynomials assigned to its nodes evaluate to
either 1 or 0
• The polynomials that evaluate to 1 are those on the
computation path for the assignment
– Since 𝐵 is read-once, the polynomial is written as
𝑝 = ∑ ∏𝑦𝑖
(𝑦𝑖 = 𝑥𝑖 , 1 − 𝑥𝑖 , 1)
• 𝑦𝑖 = 1: when a path doesn’t contain variable 𝑥𝑖
Theorem 10.13(proof)
• split “𝑦𝑖 = 1” in the polynomial 𝑝:
𝑦𝑖 = 1 = 𝑥𝑖 + (1 − 𝑥𝑖 )
• The end result is an equivalent polynomial 𝑞
that contains a product term for each
assignment on which 𝐵 evaluates to 1
Theorem 10.13(proof)
• 𝐵1 and 𝐵2 are equivalent:
this algorithm always accepts
– They evaluate to 1 on exactly the same
assignments, so 𝑞1 and 𝑞2 are equal.
Therefore 𝑝1 and 𝑝2 are always the same
• 𝐵1 and 𝐵2 are inequivalent:
this algorithm rejects with a probability of at
2
least
3
– Shown by Lemma 10.15
• We need Lemma 10.14 to prove Lemma 10.15
(QED)
Lemma 10.14
• Lemma 10.14
– For every 𝑑 ≥ 0, a degree-𝑑 polynomial 𝑝 on a
single variable 𝑥 either has at most 𝑑 roots, or is
everywhere equal to 0.
Lemma 10.14(proof)
• Induction on 𝑑
– Basis:𝑑 = 0
• A polynomial of degree 0 is constant. If that constant is
not 0, the polynomial has no roots.
– Induction step: Assume true for 𝑑 − 1 and prove
true for 𝑑
• If 𝑝: non-zero polynomial of degree 𝑑 with a root at 𝑎
→the polynomial (𝑥 − 𝑎) divides 𝑝 evenly.
• Then the polynomial 𝑝/(𝑥 − 𝑎) is an non-zero
polynomial of degree 𝑑 − 1, and it has at most 𝑑 − 1
roots by virtue of the induction hypothesis.
(QED)
Lemma 10.15
• Lemma 10.15
– Let ℱ be a finite field with 𝑓 elements and let 𝑝 be
a nonzero polynomial on the variables 𝑥1 through
𝑥𝑚 , where each variable has degree at most 𝑑.
If 𝑎1 through 𝑎𝑚 are selected randomly in ℱ, then
𝑚𝑑
Pr 𝑝 𝑎1 , … , 𝑎𝑚 = 0 ≤
𝑓
Lemma 10.15(proof)
• Induction on 𝑚
– Basis: 𝑚 = 1
By Lemma 10.14, 𝑝 has at most 𝑑 roots, so the
probability that 𝑎1 is one of them is at most 𝑑/𝑓
Lemma 10.15(proof)
• Induction on 𝑚
– Induction step: true for 𝑚 − 1 and proof for 𝑚
• 𝑥1 : one of 𝑝’s variables, then
𝑑
𝑝=
𝑥1
𝑖
× 𝑝𝑖 (𝑥2 , … , 𝑥𝑚 )
𝑖=0
• If 𝑝 𝑎1 , … , 𝑎𝑚 = 0, two possible cases.
1.
2.
All 𝑝𝑖 evaluate to 0
Some 𝑝𝑖 doesn’t evaluate to 0 and
𝑎1 is the root of the single variable polynomial obtained by
evaluating 𝑝0 through 𝑝𝑑 on 𝑎2 through 𝑎𝑚
Lemma 10.15(proof)
• Induction on 𝑚
– Bound the probability of the first case
• 𝑝 is non-zero, so one of 𝑝𝑗 must not be non-zero
• The probability of the first case
≤ 𝑝𝑗 evaluates to 0
• By induction hypothesis,
𝑝𝑗 evaluates to 0 ≤ 𝑚 − 1 𝑑/𝑓
– Bound the probability of the second case
• On the assignment 𝑎2 , … , 𝑎𝑚 , 𝑝 reduces to a non-zero
polynomial in the single variable 𝑥1 .
• The basis of induction shows the probability is at most 𝑑/𝑓
– Therefore the probability that 𝑎1 , … , 𝑎𝑚 is a root of
the polynomial is at most 𝑚𝑑/𝑓
(QED)
Pseudorandom generators
• Here, we assume these algorithms use true
randomness
– True randomness is difficult (or impossible) to obtain
• → pseudorandom generators
– Deterministic algorithms whose output appears random
• Probabilistic algorithms may work equally with
pseudorandom generators
– Proving this is difficult
• Sometimes they may not work well with certain
pseudorandom generators
• Sophisticated pseudorandom generators
– Under the assumption of a one-way function
Summary
• A probabilistic Turing machine
– A type of nondeterministic TM with coin-flip steps
• class BPP
– The complexity class associated with polynomial
probabilistic TMs
• Examples of probabilistic algorithms
– Primality testing
– Checking equivalence of read-once branching
programs
• One-sided error and class RP
Thank you for listening!
Related documents
Name: Math 111 - Midterm 1 Review Problems
Name: Math 111 - Midterm 1 Review Problems
Proof that 2+2=4
Proof that 2+2=4
[Part 2]
[Part 2]
Here - UMD MATH
Here - UMD MATH
A Readable Introduction to Real Mathematics
A Readable Introduction to Real Mathematics
Determine the number of odd binomial coefficients in the expansion
Determine the number of odd binomial coefficients in the expansion
Fermat*s Little Theorem (2/24)
Fermat*s Little Theorem (2/24)
Fermat`s Last Theorem for regular primes
Fermat`s Last Theorem for regular primes
MAS144 – Computational Mathematics and Statistics A (Statistics)
MAS144 – Computational Mathematics and Statistics A (Statistics)
Lesson 4.5
Lesson 4.5
Intermediate Value Theorem (IVT)
Intermediate Value Theorem (IVT)
UNIFORM RANDOM NUMBER GENERATION Chapter 7 (first half)
UNIFORM RANDOM NUMBER GENERATION Chapter 7 (first half)