Relativizations of the P =? DNP Question for the BSS Model

We consider the uniform BSS model of computation where the machines can perform additions, multiplications, and tests of the form $xgeq 0$. The oracle machines can also check whether a tuple of real numbers belongs to a given oracle set ${cal O}$ or not. We construct oracles such that the classes P and DNP relative to these oracles are equal or not equal

On the Impossibility of Probabilistic Proofs in Relativized Worlds

We initiate the systematic study of probabilistic proofs in relativized worlds, where the goal is to understand, for a given oracle, the possibility of "non-trivial" proof systems for deterministic or nondeterministic computations that make queries to the oracle. This question is intimately related to a recent line of work that seeks to improve the efficiency of probabilistic proofs for computations that use functionalities such as cryptographic hash functions and digital signatures, by instantiating them via constructions that are "friendly" to known constructions of probabilistic proofs. Informally, negative results about probabilistic proofs in relativized worlds provide evidence that this line of work is inherent and, conversely, positive results provide a way to bypass it. We prove several impossibility results for probabilistic proofs relative to natural oracles. Our results provide strong evidence that tailoring certain natural functionalities to known probabilistic proofs is inherent

On Basing Auxiliary-Input Cryptography on NP-Hardness via Nonadaptive Black-Box Reductions

Constructing one-way functions based on NP-hardness is a central challenge in theoretical computer science. Unfortunately, Akavia et al. [Akavia et al., 2006] presented strong evidence that a nonadaptive black-box (BB) reduction is insufficient to solve this challenge. However, should we give up such a central proof technique even for an intermediate step? In this paper, we turn our eyes from standard cryptographic primitives to weaker cryptographic primitives allowed to take auxiliary-input and continue to explore the capability of nonadaptive BB reductions to base auxiliary-input primitives on NP-hardness. Specifically, we prove the followings: - if we base an auxiliary-input pseudorandom generator (AIPRG) on NP-hardness via a nonadaptive BB reduction, then the polynomial hierarchy collapses; - if we base an auxiliary-input one-way function (AIOWF) or auxiliary-input hitting set generator (AIHSG) on NP-hardness via a nonadaptive BB reduction, then an (i.o.-)one-way function also exists based on NP-hardness (via an adaptive BB reduction). These theorems extend our knowledge on nonadaptive BB reductions out of the current worst-to-average framework. The first result provides new evidence that nonadaptive BB reductions are insufficient to base AIPRG on NP-hardness. The second result also yields a weaker but still surprising consequence of nonadaptive BB reductions, i.e., a one-way function based on NP-hardness. In fact, the second result is interpreted in the following two opposite ways. Pessimistically, it shows that basing AIOWF or AIHSG on NP-hardness via nonadaptive BB reductions is harder than constructing a one-way function based on NP-hardness, which can be regarded as a negative result. Note that AIHSG is a weak primitive implied even by the hardness of learning; thus, this pessimistic view provides conceptually stronger limitations than the currently known limitations on nonadaptive BB reductions. Optimistically, it offers a new hope: breakthrough construction of auxiliary-input primitives might also provide construction standard cryptographic primitives. This optimistic view enhances the significance of further investigation on constructing auxiliary-input or other intermediate cryptographic primitives instead of standard cryptographic primitives

Strong Turing Degrees for Additive BSS RAM's

For the additive real BSS machines using only constants 0 and 1 and order tests we consider the corresponding Turing reducibility and characterize some semi-decidable decision problems over the reals. In order to refine, step-by-step, a linear hierarchy of Turing degrees with respect to this model, we define several halting problems for classes of additive machines with different abilities and construct further suitable decision problems. In the construction we use methods of the classical recursion theory as well as techniques for proving bounds resulting from algebraic properties. In this way we extend a known hierarchy of problems below the halting problem for the additive machines using only equality tests and we present a further subhierarchy of semi-decidable problems between the halting problems for the additive machines using only equality tests and using order tests, respectively

A novel characterization of the complexity class based on counting and comparison

This is the author's accepted versionFinal version available from Elsevier via the DOI in this recordThe complexity class Θ2P, which is the class of languages recognizable by deterministic Turing machines in polynomial time with at most logarithmic many calls to an NP oracle, received extensive attention in the literature. Its complete problems can be characterized by different specific tasks, such as deciding whether the optimum solution of an NP problem is unique, or whether it is in some sense “odd” (e.g., whether its size is an odd number). In this paper, we introduce a new characterization of this class and its generalization ΘkP to the k-th level of the polynomial hierarchy. We show that problems in ΘkP are also those whose solution involves deciding, for two given sets A and B of instances of two Σk−1P-complete (or Πk−1P-complete) problems, whether the number of “yes”-instances in A is greater than those in B. Moreover, based on this new characterization, we provide a novel sufficient condition for ΘkP-hardness. We also define the general problem Comp-Validk, which is proven here Θk+1P-complete. Comp-Validk is the problem of deciding, given two sets A and B of quantified Boolean formulas with at most k alternating quantifiers, whether the number of valid formulas in A is greater than those in B. Notably, the problem Comp-Sat of deciding whether a set contains more satisfiable Boolean formulas than another set, which is a particular case of Comp-Valid1, demonstrates itself as a very intuitive Θ2P-complete problem. Nonetheless, to our knowledge, it eluded its formal definition to date. In fact, given its strict adherence to the count-and-compare semantics here introduced, Comp-Validk is among the most suitable tools to prove ΘkP-hardness of problems involving the counting and comparison of the number of “yes”-instances in two sets. We support this by showing that the Θ2P-hardness of the Max voting scheme over mCP-nets is easily obtained via the new characterization of ΘkP introduced in this paper.This work was supported by the UK EPSRC grants EP/J008346/1, EP/L012138/1, and EP/M025268/1, and by The Alan Turing Institute under the EPSRC grant EP/N510129/1. We thank Dominik Peters and the anonymous reviewers for their helpful comments on a preliminary version of the paper

Complexity of certificates, heuristics, and counting types , with applications to cryptography and circuit theory

In dieser Habilitationsschrift werden Struktur und Eigenschaften von Komplexitätsklassen wie P und NP untersucht, vor allem im Hinblick auf: Zertifikatkomplexität, Einwegfunktionen, Heuristiken gegen NP-Vollständigkeit und Zählkomplexität. Zum letzten Punkt werden speziell untersucht: (a) die Komplexität von Zähleigenschaften von Schaltkreisen, (b) Separationen von Zählklassen mit Immunität und (c) die Komplexität des Zählens der Lösungen von ,,tally`` NP-Problemen