Presentation is loading. Please wait.

Presentation is loading. Please wait.

Probabilistic Complexity

Published byΝύξ Ακρίδας Modified over 5 years ago

Similar presentations

Presentation on theme: "Probabilistic Complexity"— Presentation transcript:

1 Probabilistic Complexity

2 Probabilistic Algorithms
Def: A probabilistic Turing Machine M is a type of non-deterministic TM, where each non-deterministic step is called a coin-flip step and has 2 legal next moves.

3 Define the probability of branch b to be
Pr[b]=2-k, where k is the number of coin-flip steps that occur on branch b. Define the probability that M accepts w to be Pr[M accepts w] =  Pr[b] For 0    ½ , we say that M recognize language A with error probability  if wA implies Pr[M accepts w]  1-, and wA implies Pr[M rejects w]  1-

4 Lemma: [Amplification Lemma]
BPP Def: BPP is the class of languages that are recognized by probabilistic polynomial time TM’s with an error probability of 1/3 . Lemma: [Amplification Lemma] Let 0<<½. Then for any polynomial p(n) a probabilistic poly time TM M1 that operates with error probability  has an equivalent probabilistic poly time TM M2 that operates with an error probability of 2-p(n) .

5 Pf: M1: recognizes a language with error , and a poly p(n). Construct M2 that recognizes the same language with an error probability 2-p(n). M2 =“ On input w 1. Calculate k and repeat the following 2k times 2. Simulate M1 on w. 3. If most runs of M1 accept, then accept; otherwise reject. ”

6 M1 errs on w with some probability    < ½ , /1- <1 .
(1-)-(1-)<0

7 Need to show that (k+1)(4(1-))k  2-p(n) .
Let t=2p(n), a=1/4(1-), b=max(1,1/loga), c=2logbt, k=bc Claim: (k+1)(1/a)k  1/t ak = abc  abc  2c 2c = 22log(bt) = (bt)2 b1, assume that t9  bt9  bt>2+2log(bt)  (bt)2 > bt(2+2logbt) = t(2b+2blogbt) ∵ b 1 i) if 1/loga > 1  b=1/loga  abc=a1/loga•C=2 C ii) if 1/loga < 1  b=1 and a>2  abc=aC>2 C

8 Hence ak  t(2+2blogbt)  t(1+2blogbt)  t(1+bc)
= t(k+1) (k+1)(4(1- ))k = (k+1)/ak  1/t =2-p(n)

9 Primality: Composite number : 複合數 Prime : 質數
Zp+={1,2,…,p-1}, Zp ={0}Zp+ Z5 ={0,1,2,3,4} Z6 ={0,1,2,3,4,5} Z6+={1,2,3,4,5} x mod p is the smallest non-negative y where x  y (mod p) .

10 Lemma: Suppose that a1,…,at all divide n and (ai,aj)=1 for ij.
Then a1…at n. Pf: By induction. It is clear for t=1 Suppose the lemma is true up to t-1, i.e. a1…at-1n. (at,a1…at-1)=1  Exist r and s such that r  at + s  a1…at-1 =1, ratn + sa1…at-1n=n . by ind. at-1n

11 Thm: (Chinese Remainder theorem)
Suppose m=m1m2…mt and (mi,mj)=1 for ij. Let b1,b2,…,bt be integers and consider the system of congruencies : xb1 (mod m1) xb2 (mod m2) xbt (mod mt)

12 Pf: Let ni = m/mi , then (mi,ni)=1.  Exist ri and si such that rimi+sini=1. Let ei = sini  ei  1 (mod mi) ei  0 (mod mj), ij Let x0= biei. Then x0  biei (mod mi)  bi (mod mi)  x0 is a solution. Suppose x1 is another solution. Then x1–x0  0 (mod mj), for i=1,…,t . That is m1,…,mt divide x1-x0 .  m x1-x0

13 Thm: (Fermat’s little theorem)
The CRT says that a 1-1 correspondence exists between Zm and Zm1×…×Zmt Thm: (Fermat’s little theorem) If p is a prime number and aZp+, then ap-1  1 (mod p) .

14 Pf: 1a,2a,…,(p-1)a 1i,jp-1, ia  ja (mod p) (ia–ja)  0 (mod p) (i-j)a = k‧p  p (i-j)  i=j . Thus, 1a,2a,…(p-1)a is a permutation of 1,2,…,(p-1). 1a‧2a‧ …‧(p-1)a  1‧2‧…‧(p-1) (mod p) (p-1)!ap-1  (p-1)! (mod p) (p-1)!(ap-1 -1)  0 (mod p) (p-1)!(ap-1 -1)  k‧p p ap-1 –1,  ap-1  1 (mod p) .

15 eg. Fermat test: 27-1=26=64, 64 mod 7 =1.
we say that p passes the Fermat test at a, we mean that ap-1  1 (mod p) . Fermat’s little theorem states that primes pass all Fermat tests for aZp+ .

16 Pseudo-prime = “ On input p:
Carmichael numbers: Composite numbers that passes all Fermat tests. Pseudo-prime = “ On input p: 1. Select a1,…,ak randomly in Zp+ . 2. Compute aip-1 mod p for each i . 3. If all computed values are 1 , accept ; otherwise, rejects “

17 Test prime power Numbers of prime power: N=pk
It is easy to test such type of numbers! It is clear that (p-1)| (N-1) Find a number a such that gcd(a, p) =1. Then aN-1 1 (mod p). Why? Thus p | gcd ( N, aN-1 -1).

18 PRIME = “ On input p 1. If p is even and p=2 then accept ; else reject . 2. Select a1,…,ak randomly in Zp+ . 3. For i=1 to k do 4. Compute aip-1 mod p and reject if different from 1. 5. Let p-1=st where s is odd and t=2h. 6. Compute mod p. 7. If some element is not 1, then find the last one that is not 1 and reject if it is not –1. 8. All tests have passed at this point, so accept. “

19 Lemma: If p is an odd prime number, then
Pr[PRIME accepts p]=1 . Pf: If p is an odd prime, then it will pass stage 4. If a were a stage 7 witness, some b exists in Zp+, where b  1 (mod p) and b  1(mod p)  b2-1  0 (mod p) (b-1)(b+1)  0 (mod p)

20 (b-1)(b+1) = cp for some positive integer c.
∵ b  1 (mod p)  0<b+1 , b-1<p . Therefore, p is composite because a prime number cannot be expressed as a product of numbers that are smaller than it is.

21 Lemma: If p is an odd composite number, then
Pr[PRIME accepts p]  2-k . Pf: Goal: If p is an odd composite number and a is selected randomly in Zp+, then Pr[a is witness]  ½ . Prove by demonstrating that at least as many witnesses as non-witnesses exist in Zp+ , i.e. by finding a unique witness for each non-witness.

22 For every non-witness, the sequence computed in stage 6 is either all 1 or contains –1 at some position followed by 1’s . 1: non-witness of the first kind 1,1,1,…,1 -1:non-witness of the second kind -1,1,1,…1 Among all non-witness of 2nd kind, find a non-witness for which the –1 appears in the largest position in the sequence.

23 ∵ p is composite.  We can write p = qr, (q,r)=1 .
Let h be a non-witness. ,…,……………..-1,1,…,1 ∵ p is composite.  We can write p = qr, (q,r)=1 . By the CRT, there exists t  Zp . t  h (mod q) t  1 (mod r) j-th

24 Hence t is a witness because
but

25 Next we prove that dt mod p is a unique witness for each non-witness d by 2 observations .

26 Thus the number of witnesses must be as large as the number of non-witnesses.
Thm: PRIMESBPP .

27 Def: BPP is the class of all languages L for which there is a non-det poly time TM M, whose computation branches all have the same length, and when xL  Pr[M(x) accepts]  2/3 , when xL  Pr[M(x) accepts] < 1/3 . Def: LRP, if  a NTM in poly time. when xL  Pr[M(x) accepts] =0 . RPBPP. ? ZPP Def: ZPP = RPco-RP .

Download ppt "Probabilistic Complexity"

Similar presentations

Isolation Technique April 16, 2001 Jason Ku Tao Li.

Isolation Technique April 16, 2001 Jason Ku Tao Li.
Rice ’ s Theorem. Def: A property of the Turing-recognizable languages is simply a subset of all Turing- recognizable languages.

Rice ’ s Theorem. Def: A property of the Turing-recognizable languages is simply a subset of all Turing- recognizable languages.
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Primality Testing) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Primality Testing) Prof. Dr. Th. Ottmann.
Chapter 8 – Introduction to Number Theory. Prime Numbers prime numbers only have divisors of 1 and self –they cannot be written as a product of other.

Chapter 8 – Introduction to Number Theory. Prime Numbers prime numbers only have divisors of 1 and self –they cannot be written as a product of other.
1 Deciding Primality is in P M. Agrawal, N. Kayal, N. Saxena Presentation by Adi Akavia.

1 Deciding Primality is in P M. Agrawal, N. Kayal, N. Saxena Presentation by Adi Akavia.
Computability and Complexity

Computability and Complexity
Having Proofs for Incorrectness

Having Proofs for Incorrectness
Primality Testing Patrick Lee 12 July 2003 (updated on 13 July 2003)

Primality Testing Patrick Lee 12 July 2003 (updated on 13 July 2003)
Introduction to Modern Cryptography Lecture 6 1. Testing Primitive elements in Z p 2. Primality Testing. 3. Integer Multiplication & Factoring as a One.

Introduction to Modern Cryptography Lecture 6 1. Testing Primitive elements in Z p 2. Primality Testing. 3. Integer Multiplication & Factoring as a One.
COM 5336 Cryptography Lecture 7a Primality Testing

COM 5336 Cryptography Lecture 7a Primality Testing
Basic properties of the integers

Basic properties of the integers
Probabilistic algorithms Section 10.2 Giorgi Japaridze Theory of Computability.

Probabilistic algorithms Section 10.2 Giorgi Japaridze Theory of Computability.
Probabilistic Algorithms Michael Sipser Presented by: Brian Lawnichak.

Probabilistic Algorithms Michael Sipser Presented by: Brian Lawnichak.
Complexity 18-1 Complexity Andrei Bulatov Probabilistic Algorithms.

Complexity 18-1 Complexity Andrei Bulatov Probabilistic Algorithms.
1 Chapter 7– Introduction to Number Theory Instructor: 孫宏民 Room: EECS 6402, Tel:03- 5742968, Fax : 886-3-572-3694.

1 Chapter 7– Introduction to Number Theory Instructor: 孫宏民 Room: EECS 6402, Tel: , Fax :
Randomized Computation Roni Parshani 025529199 Orly Margalit037616638 Eran Mantzur 028015329 Avi Mintz017629262.

Randomized Computation Roni Parshani Orly Margalit Eran Mantzur Avi Mintz
The RSA Cryptosystem and Factoring Integers (II) Rong-Jaye Chen.

The RSA Cryptosystem and Factoring Integers (II) Rong-Jaye Chen.
Probabilistic Complexity. Probabilistic Algorithms Def: A probabilistic Turing Machine M is a type of non- deterministic TM, where each non-deterministic.

Probabilistic Complexity. Probabilistic Algorithms Def: A probabilistic Turing Machine M is a type of non- deterministic TM, where each non-deterministic.
Deciding Primality is in P M. Agrawal, N. Kayal, N. Saxena Slides by Adi Akavia.

Deciding Primality is in P M. Agrawal, N. Kayal, N. Saxena Slides by Adi Akavia.
Complexity1 Pratt’s Theorem Proved. Complexity2 Introduction So far, we’ve reduced proving PRIMES  NP to proving a number theory claim. This is our next.

Complexity1 Pratt’s Theorem Proved. Complexity2 Introduction So far, we’ve reduced proving PRIMES  NP to proving a number theory claim. This is our next.

Similar presentations

Ads by Google