7 research outputs found

    NP-Completeness, Proof Systems, and Disjoint NP-Pairs

    Get PDF

    Non-determinism and quantum information

    Get PDF
    Bibliography: p. 89-91

    A Map of Witness Maps: New Definitions and Connections

    Get PDF
    A \emph{witness map} deterministically maps a witness ww of some NP statement xx into computationally sound proof that xx is true, with respect to a public common reference string (CRS). In other words, it is a deterministic, non-interactive, computationally sound proof system in the CRS model. A \emph{unique witness map} (UWM) ensures that for any fixed statement xx, the witness map should output the same \emph{unique} proof for xx, no matter what witness ww it is applied to. More generally a \emph{compact witness map} (CWM) can only output one of at most 2α2^\alpha proofs for any given statement xx, where α\alpha is some compactness parameter. Such compact/unique witness maps were proposed recently by Chakraborty, Prabhakaran and Wichs (PKC \u2720) as a tool for building tamper-resilient signatures, who showed how to construct UWMs from indistinguishability obfuscation (iO). In this work, we study CWMs and UWMs as primitives of independent interest and present a number of interesting connections to various notions in cryptography. \begin{itemize} \item First, we show that UWMs lie somewhere between witness PRFs (Zhandry; TCC \u2716) and iO -- they imply the former and are implied by the latter. In particular, we show that a relaxation of UWMs to the ``designated verifier (dv-UWM)\u27\u27 setting is \emph{equivalent} to witness PRFs. Moreover, we consider two flavors of such dv-UWMs, which correspond to two flavors of witness PRFs previously considered in the literature, and show that they are all in fact equivalent to each other in terms of feasibility. \item Next, we consider CWMs that are extremely compact, with α=O(log⁥Îș)\alpha = O(\log \kappa), where Îș\kappa is the security parameter. We show that such CWMs imply \emph{pseudo-UWMs} where the witness map is allowed to be \emph{pseudo-deterministic} -- i.e., for every true statement xx, there is a unique proof such that, on any witness ww, the witness map outputs this proof with 1−1/p(λ)1-1/p(\lambda) probability, for a polynomial pp that we can set arbitrarily large. \item Lastly, we consider CWMs that are mildly compact, with α=p(λ)\alpha = p(\lambda) for some a-priori fixed polynomial pp, independent of the length of the statement xx or witness ww. Such CWMs are implied by succinct non-interactive arguments (SNARGs). We show that such CWMs imply NIZKs, and therefore lie somewhere between NIZKs and SNARGs. \end{itemize

    On the structure of intractable sets

    Get PDF
    There are two parts to this dissertation. The first part is motivated by nothing less than a reexamination of what it means for a set to be NP-complete. Are there sets in NP that in a mathematically meaningful sense should be considered to be complete for NP, but that are not NP-complete in the usual sense that every set in NP is ≀q[subscript]spmP-reducible to it? We define a noneffective binary relation that makes precise the notion that the complexity of A is polynomially related to the complexity of B, This relation yields new completeness and hardness notions for complexity classes, and we show that there are sets that are hard for NP that are not NP-hard in the usual sense. We also show that there are sets that must be considered to be complete for E that are not even ≀q[subscript]spTP-complete for E;In a certain way, hardness and completeness with respect to the relation we define is related to the notion of almost everywhere (a.e.) complexity, and so we initiate this study by first investigating this notion. We state and prove a deterministic time hierarchy theorem for a.e. complexity that is as tight as the Hartmanis-Stearns hierarchy theorem for infinitely often complexity. This result is a significant improvement over all previously known hierarchy theorems for a.e. complex sets. We derive similar, very tight, hierarchy theorems for sets that cannot be a.e. complex for syntactic reasons, but for which, intuitively, a.e. complex notions should exit. Similar results are applied to the study of P-printable sets and sets of low generalized Kolmogorov complexity;The second part of this study deals with relativization. Does the fact that DTIME(O (n)) ≠ NTIME(n) help in leading us to a proof that P ≠ NP? Does one imply the other? We seek evidence that this is a hard . We construct an oracle that answers this question in the affirmative, and we construct an oracle that answers this question in the negative. We conclude that the result that DTIME(O (n)) ≠ NTIME(n) does not imply P ≠ NP by recursive theoretic techniques;Finally, we study the relationships between P, NP, and the unambiguous and random time classes UP, and RP. Questions concerning these relationships are motivated by complexity issues to public-key cryptosystems. We prove that there exists a recursive oracle A such that P[superscript]A ≠ UP[superscript]A≠ NP[superscript]A, and such that the first inequality is strong, i.e., there exists a P[superscript]A-immune set in UP[superscript]A. Further, we constructed a recursive oracle B such that UP[superscript]B contains an RP[superscript]B-immune set. As a corollary we obtain P[superscript]B ≠ RB[superscript]B≠ NP[superscript]B and both inequalities are strong. By use of the techniques employed in the proof that P[superscript]A≠ UP[superscript]A≠ NP[superscript]A, we are also able to solve an open problem raised by Book, Long and Selman

    Complejidad algorĂ­tmica : Cuestiones y aplicaciones Notables

    Get PDF
    Tesis Univ. Complutense de Madrid. Fac. CC. Mat., Dir. por Francisco Cano Sevilla, leĂ­da en Madrid, el 13 de julio de 1982.Depto. de EstadĂ­stica e InvestigaciĂłn OperativaFac. de Ciencias MatemĂĄticasTRUEProQuestpu

    Complexity of certificates, heuristics, and counting types , with applications to cryptography and circuit theory

    Get PDF
    In dieser Habilitationsschrift werden Struktur und Eigenschaften von KomplexitÀtsklassen wie P und NP untersucht, vor allem im Hinblick auf: ZertifikatkomplexitÀt, Einwegfunktionen, Heuristiken gegen NP-VollstÀndigkeit und ZÀhlkomplexitÀt. Zum letzten Punkt werden speziell untersucht: (a) die KomplexitÀt von ZÀhleigenschaften von Schaltkreisen, (b) Separationen von ZÀhlklassen mit ImmunitÀt und (c) die KomplexitÀt des ZÀhlens der Lösungen von ,,tally`` NP-Problemen
    corecore