8,820 research outputs found

    The Number of Boolean Functions with Multiplicative Complexity 2

    Get PDF
    Multiplicative complexity is a complexity measure defined as the minimum number of AND gates required to implement a given primitive by a circuit over the basis (AND, XOR, NOT). Implementations of ciphers with a small number of AND gates are preferred in protocols for fully homomorphic encryption, multi-party computation and zero-knowledge proofs. In 2002, Fischer and Peralta showed that the number of nn-variable Boolean functions with multiplicative complexity one equals 2(2n3)2\binom{2^n}{3}. In this paper, we study Boolean functions with multiplicative complexity 2. By characterizing the structure of these functions in terms of affine equivalence relations, we provide a closed form formula for the number of Boolean functions with multiplicative complexity 2

    Boolean Functions with Multiplicative Complexity 3 and 4

    Get PDF
    Multiplicative complexity (MC) is defined as the minimum number of AND gates required to implement a function with a circuit over the basis (AND, XOR, NOT). Boolean functions with MC 1 and 2 have been characterized in Fischer and Peralta ( 2002) and Find et al. (2017), respectively. In this work, we identify the affine equivalence classes for functions with MC 3 and 4. In order to achieve this, we utilize the notion of the dimension dim(f)dim(f) of a Boolean function in relation to its linearity dimension, and provide a new lower bound suggesting that multiplicative complexity of ff is at least \ceil{dim(f)/2}. For MC 3, this implies that there are no equivalence classes other than those 2424 identified in Calik et al (2018). Using the techniques from Calik et al. (2018) and the new relation between dimension and MC, we identify the 1277 equivalence classes having MC 4. We also provide a closed formula for the number of nn-variable functions with MC 3 and 4. The techniques allow us to construct MC-optimal circuits for Boolean functions that have MC 4 or less, independent of the number of variables they are defined on

    The role of multiplicative complexity in compiling Low T-count Oracle circuits

    Get PDF
    We present a constructive method to create quantum circuits that implement oracles |x〉|y〉|0〉 k →|x〉|y⊕f(x)〉|0〉 k for n-variable Boolean functions f with low T-count. In our method f is given as a 2-regular Boolean logic network over the gate basis {∧, ⊕, 1}. Our construction leads to circuits with a T-count that is at most four times the number of AND nodes in the network. In addition, we propose a SAT-based method that allows us to trade qubits for T gates, and explore the space/complexity trade-off of quantum circuits. Our constructive method suggests a new upper bound for the number of T gates and ancilla qubits based on the multiplicative complexity c∧(f) of the oracle function f, which is the minimum number of AND gates that is required to realize f over the gate basis {∧, ⊕, 1}. There exists a quantum circuit computing f with at most 4c∧(f)T gates using k=c∧(f) ancillae. Results known for the multiplicative complexity of Boolean functions can be transferred. We verify our method by comparing it to different state-of-the-art compilers. Finally, we present our synthesis results for Boolean functions used in quantum cryptoanalysis

    New Bounds on the Multiplicative Complexity of Boolean Functions

    Get PDF
    Multiplicative Complexity (MC) is defined as the minimum number of AND gates required to implement a function with a circuit over the basis AND, XOR, NOT. This complexity measure is relevant for many advanced cryptographic protocols such as fully homomorphic encryption, multi-party computation, and zero-knowledge proofs, where processing AND gates is more expensive than processing XOR gates. Although there is no known asymptotically efficient technique to compute the MC of a random Boolean function, bounds on the MC of Boolean functions are successfully used to to show existence of Boolean functions with a particular MC. In 2000, Boyar et al. showed that, for all n≥0n\geq 0, at most 2k2+2k+2kn+n+12^{k^2+2k+2kn+n+1} nn-variable Boolean functions can be computed with kk AND gates. This bound is used to prove the existence of a 8-variable Boolean functions with MC greater than 7. In this paper, we improve the Boyar et al. bound

    On the Complexity of Computing Two Nonlinearity Measures

    Full text link
    We study the computational complexity of two Boolean nonlinearity measures: the nonlinearity and the multiplicative complexity. We show that if one-way functions exist, no algorithm can compute the multiplicative complexity in time 2O(n)2^{O(n)} given the truth table of length 2n2^n, in fact under the same assumption it is impossible to approximate the multiplicative complexity within a factor of (2−ϵ)n/2(2-\epsilon)^{n/2}. When given a circuit, the problem of determining the multiplicative complexity is in the second level of the polynomial hierarchy. For nonlinearity, we show that it is #P hard to compute given a function represented by a circuit

    A strong direct product theorem for quantum query complexity

    Full text link
    We show that quantum query complexity satisfies a strong direct product theorem. This means that computing kk copies of a function with less than kk times the quantum queries needed to compute one copy of the function implies that the overall success probability will be exponentially small in kk. For a boolean function ff we also show an XOR lemma---computing the parity of kk copies of ff with less than kk times the queries needed for one copy implies that the advantage over random guessing will be exponentially small. We do this by showing that the multiplicative adversary method, which inherently satisfies a strong direct product theorem, is always at least as large as the additive adversary method, which is known to characterize quantum query complexity.Comment: V2: 19 pages (various additions and improvements, in particular: improved parameters in the main theorems due to a finer analysis of the output condition, and addition of an XOR lemma and a threshold direct product theorem in the boolean case). V3: 19 pages (added grant information

    MALL proof equivalence is Logspace-complete, via binary decision diagrams

    Get PDF
    Proof equivalence in a logic is the problem of deciding whether two proofs are equivalent modulo a set of permutation of rules that reflects the commutative conversions of its cut-elimination procedure. As such, it is related to the question of proofnets: finding canonical representatives of equivalence classes of proofs that have good computational properties. It can also be seen as the word problem for the notion of free category corresponding to the logic. It has been recently shown that proof equivalence in MLL (the multiplicative with units fragment of linear logic) is PSPACE-complete, which rules out any low-complexity notion of proofnet for this particular logic. Since it is another fragment of linear logic for which attempts to define a fully satisfactory low-complexity notion of proofnet have not been successful so far, we study proof equivalence in MALL- (multiplicative-additive without units fragment of linear logic) and discover a situation that is totally different from the MLL case. Indeed, we show that proof equivalence in MALL- corresponds (under AC0 reductions) to equivalence of binary decision diagrams, a data structure widely used to represent and analyze Boolean functions efficiently. We show these two equivalent problems to be LOGSPACE-complete. If this technically leaves open the possibility for a complete solution to the question of proofnets for MALL-, the established relation with binary decision diagrams actually suggests a negative solution to this problem.Comment: in TLCA 201
    • …
    corecore