Non-determinism and quantum information

Bibliography: p. 89-91

A Map of Witness Maps: New Definitions and Connections

A \emph{witness map} deterministically maps a witness $w$ of some NP statement $x$ into computationally sound proof that $x$ is true, with respect to a public common reference string (CRS). In other words, it is a deterministic, non-interactive, computationally sound proof system in the CRS model. A \emph{unique witness map} (UWM) ensures that for any fixed statement $x$, the witness map should output the same \emph{unique} proof for $x$, no matter what witness $w$ it is applied to. More generally a \emph{compact witness map} (CWM) can only output one of at most $2^\alpha$ proofs for any given statement $x$, where $\alpha$ is some compactness parameter. Such compact/unique witness maps were proposed recently by Chakraborty, Prabhakaran and Wichs (PKC \u2720) as a tool for building tamper-resilient signatures, who showed how to construct UWMs from indistinguishability obfuscation (iO). In this work, we study CWMs and UWMs as primitives of independent interest and present a number of interesting connections to various notions in cryptography. \begin{itemize} \item First, we show that UWMs lie somewhere between witness PRFs (Zhandry; TCC \u2716) and iO -- they imply the former and are implied by the latter. In particular, we show that a relaxation of UWMs to the ``designated verifier (dv-UWM)\u27\u27 setting is \emph{equivalent} to witness PRFs. Moreover, we consider two flavors of such dv-UWMs, which correspond to two flavors of witness PRFs previously considered in the literature, and show that they are all in fact equivalent to each other in terms of feasibility. \item Next, we consider CWMs that are extremely compact, with $\alpha = O(\log \kappa)$, where $\kappa$ is the security parameter. We show that such CWMs imply \emph{pseudo-UWMs} where the witness map is allowed to be \emph{pseudo-deterministic} -- i.e., for every true statement $x$, there is a unique proof such that, on any witness $w$, the witness map outputs this proof with $1-1/p(\lambda)$ probability, for a polynomial $p$ that we can set arbitrarily large. \item Lastly, we consider CWMs that are mildly compact, with $\alpha = p(\lambda)$ for some a-priori fixed polynomial $p$, independent of the length of the statement $x$ or witness $w$. Such CWMs are implied by succinct non-interactive arguments (SNARGs). We show that such CWMs imply NIZKs, and therefore lie somewhere between NIZKs and SNARGs. \end{itemize

On the structure of intractable sets

There are two parts to this dissertation. The first part is motivated by nothing less than a reexamination of what it means for a set to be NP-complete. Are there sets in NP that in a mathematically meaningful sense should be considered to be complete for NP, but that are not NP-complete in the usual sense that every set in NP is ≤q[subscript]spmP-reducible to it? We define a noneffective binary relation that makes precise the notion that the complexity of A is polynomially related to the complexity of B, This relation yields new completeness and hardness notions for complexity classes, and we show that there are sets that are hard for NP that are not NP-hard in the usual sense. We also show that there are sets that must be considered to be complete for E that are not even ≤q[subscript]spTP-complete for E;In a certain way, hardness and completeness with respect to the relation we define is related to the notion of almost everywhere (a.e.) complexity, and so we initiate this study by first investigating this notion. We state and prove a deterministic time hierarchy theorem for a.e. complexity that is as tight as the Hartmanis-Stearns hierarchy theorem for infinitely often complexity. This result is a significant improvement over all previously known hierarchy theorems for a.e. complex sets. We derive similar, very tight, hierarchy theorems for sets that cannot be a.e. complex for syntactic reasons, but for which, intuitively, a.e. complex notions should exit. Similar results are applied to the study of P-printable sets and sets of low generalized Kolmogorov complexity;The second part of this study deals with relativization. Does the fact that DTIME(O (n)) ≠ NTIME(n) help in leading us to a proof that P ≠ NP? Does one imply the other? We seek evidence that this is a hard . We construct an oracle that answers this question in the affirmative, and we construct an oracle that answers this question in the negative. We conclude that the result that DTIME(O (n)) ≠ NTIME(n) does not imply P ≠ NP by recursive theoretic techniques;Finally, we study the relationships between P, NP, and the unambiguous and random time classes UP, and RP. Questions concerning these relationships are motivated by complexity issues to public-key cryptosystems. We prove that there exists a recursive oracle A such that P[superscript]A ≠ UP[superscript]A≠ NP[superscript]A, and such that the first inequality is strong, i.e., there exists a P[superscript]A-immune set in UP[superscript]A. Further, we constructed a recursive oracle B such that UP[superscript]B contains an RP[superscript]B-immune set. As a corollary we obtain P[superscript]B ≠ RB[superscript]B≠ NP[superscript]B and both inequalities are strong. By use of the techniques employed in the proof that P[superscript]A≠ UP[superscript]A≠ NP[superscript]A, we are also able to solve an open problem raised by Book, Long and Selman

Complejidad algorítmica : Cuestiones y aplicaciones Notables

Tesis Univ. Complutense de Madrid. Fac. CC. Mat., Dir. por Francisco Cano Sevilla, leída en Madrid, el 13 de julio de 1982.Depto. de Estadística e Investigación OperativaFac. de Ciencias MatemáticasTRUEProQuestpu

Complexity of certificates, heuristics, and counting types , with applications to cryptography and circuit theory

In dieser Habilitationsschrift werden Struktur und Eigenschaften von Komplexitätsklassen wie P und NP untersucht, vor allem im Hinblick auf: Zertifikatkomplexität, Einwegfunktionen, Heuristiken gegen NP-Vollständigkeit und Zählkomplexität. Zum letzten Punkt werden speziell untersucht: (a) die Komplexität von Zähleigenschaften von Schaltkreisen, (b) Separationen von Zählklassen mit Immunität und (c) die Komplexität des Zählens der Lösungen von ,,tally`` NP-Problemen