45 research outputs found
Relativizations of the P =? DNP Question for the BSS Model
We consider the uniform BSS model of computation where the machines can perform additions, multiplications, and tests of the form . The oracle machines can also check whether a tuple of real numbers belongs to a given oracle set or not. We construct oracles such that the classes P and DNP relative to these oracles are equal or not equal
On the Impossibility of Probabilistic Proofs in Relativized Worlds
We initiate the systematic study of probabilistic proofs in relativized worlds, where the goal is to understand, for a given oracle, the possibility of "non-trivial" proof systems for deterministic or nondeterministic computations that make queries to the oracle.
This question is intimately related to a recent line of work that seeks to improve the efficiency of probabilistic proofs for computations that use functionalities such as cryptographic hash functions and digital signatures, by instantiating them via constructions that are "friendly" to known constructions of probabilistic proofs. Informally, negative results about probabilistic proofs in relativized worlds provide evidence that this line of work is inherent and, conversely, positive results provide a way to bypass it.
We prove several impossibility results for probabilistic proofs relative to natural oracles. Our results provide strong evidence that tailoring certain natural functionalities to known probabilistic proofs is inherent
On Basing Auxiliary-Input Cryptography on NP-Hardness via Nonadaptive Black-Box Reductions
Constructing one-way functions based on NP-hardness is a central challenge in theoretical computer science. Unfortunately, Akavia et al. [Akavia et al., 2006] presented strong evidence that a nonadaptive black-box (BB) reduction is insufficient to solve this challenge. However, should we give up such a central proof technique even for an intermediate step?
In this paper, we turn our eyes from standard cryptographic primitives to weaker cryptographic primitives allowed to take auxiliary-input and continue to explore the capability of nonadaptive BB reductions to base auxiliary-input primitives on NP-hardness. Specifically, we prove the followings:
- if we base an auxiliary-input pseudorandom generator (AIPRG) on NP-hardness via a nonadaptive BB reduction, then the polynomial hierarchy collapses;
- if we base an auxiliary-input one-way function (AIOWF) or auxiliary-input hitting set generator (AIHSG) on NP-hardness via a nonadaptive BB reduction, then an (i.o.-)one-way function also exists based on NP-hardness (via an adaptive BB reduction).
These theorems extend our knowledge on nonadaptive BB reductions out of the current worst-to-average framework. The first result provides new evidence that nonadaptive BB reductions are insufficient to base AIPRG on NP-hardness. The second result also yields a weaker but still surprising consequence of nonadaptive BB reductions, i.e., a one-way function based on NP-hardness. In fact, the second result is interpreted in the following two opposite ways. Pessimistically, it shows that basing AIOWF or AIHSG on NP-hardness via nonadaptive BB reductions is harder than constructing a one-way function based on NP-hardness, which can be regarded as a negative result. Note that AIHSG is a weak primitive implied even by the hardness of learning; thus, this pessimistic view provides conceptually stronger limitations than the currently known limitations on nonadaptive BB reductions. Optimistically, it offers a new hope: breakthrough construction of auxiliary-input primitives might also provide construction standard cryptographic primitives. This optimistic view enhances the significance of further investigation on constructing auxiliary-input or other intermediate cryptographic primitives instead of standard cryptographic primitives
Strong Turing Degrees for Additive BSS RAM's
For the additive real BSS machines using only constants 0 and 1 and order
tests we consider the corresponding Turing reducibility and characterize some
semi-decidable decision problems over the reals. In order to refine,
step-by-step, a linear hierarchy of Turing degrees with respect to this model,
we define several halting problems for classes of additive machines with
different abilities and construct further suitable decision problems. In the
construction we use methods of the classical recursion theory as well as
techniques for proving bounds resulting from algebraic properties. In this way
we extend a known hierarchy of problems below the halting problem for the
additive machines using only equality tests and we present a further
subhierarchy of semi-decidable problems between the halting problems for the
additive machines using only equality tests and using order tests,
respectively
A novel characterization of the complexity class based on counting and comparison
This is the author's accepted versionFinal version available from Elsevier via the DOI in this recordThe complexity class Î2P, which is the class of languages recognizable by deterministic Turing machines in polynomial time with at most logarithmic many calls to an NP oracle, received extensive attention in the literature. Its complete problems can be characterized by different specific tasks, such as deciding whether the optimum solution of an NP problem is unique, or whether it is in some sense âoddâ (e.g., whether its size is an odd number). In this paper, we introduce a new characterization of this class and its generalization ÎkP to the k-th level of the polynomial hierarchy. We show that problems in ÎkP are also those whose solution involves deciding, for two given sets A and B of instances of two ÎŁkâ1P-complete (or Î kâ1P-complete) problems, whether the number of âyesâ-instances in A is greater than those in B. Moreover, based on this new characterization, we provide a novel sufficient condition for ÎkP-hardness. We also define the general problem Comp-Validk, which is proven here Îk+1P-complete. Comp-Validk is the problem of deciding, given two sets A and B of quantified Boolean formulas with at most k alternating quantifiers, whether the number of valid formulas in A is greater than those in B. Notably, the problem Comp-Sat of deciding whether a set contains more satisfiable Boolean formulas than another set, which is a particular case of Comp-Valid1, demonstrates itself as a very intuitive Î2P-complete problem. Nonetheless, to our knowledge, it eluded its formal definition to date. In fact, given its strict adherence to the count-and-compare semantics here introduced, Comp-Validk is among the most suitable tools to prove ÎkP-hardness of problems involving the counting and comparison of the number of âyesâ-instances in two sets. We support this by showing that the Î2P-hardness of the Max voting scheme over mCP-nets is easily obtained via the new characterization of ÎkP introduced in this paper.This work was supported by the UK EPSRC grants EP/J008346/1, EP/L012138/1, and EP/M025268/1, and by The Alan Turing Institute under the EPSRC grant EP/N510129/1. We thank Dominik Peters and the anonymous reviewers for their helpful comments on a preliminary version of the paper
Complexity of certificates, heuristics, and counting types , with applications to cryptography and circuit theory
In dieser Habilitationsschrift werden Struktur und Eigenschaften von KomplexitÀtsklassen wie P und NP untersucht, vor allem im Hinblick auf: ZertifikatkomplexitÀt, Einwegfunktionen, Heuristiken gegen NP-VollstÀndigkeit und ZÀhlkomplexitÀt. Zum letzten Punkt werden speziell untersucht: (a) die KomplexitÀt von ZÀhleigenschaften von Schaltkreisen, (b) Separationen von ZÀhlklassen mit ImmunitÀt und (c) die KomplexitÀt des ZÀhlens der Lösungen von ,,tally`` NP-Problemen