1. Having Proofs for Incorrectness
coNP
Having Proofs for Incorrectness
Complexity

2. Introduction Objectives: Overview:
To introduce the complexity class coNP
To explore the primality problem.
Overview:
coNP: Definition and examples
coNP=NP? and NP=P?
PRIMES and Pratt’s theorem
Complexity

3. CoNP
Def: CoNP is the class of problems that have succinct non-membership witnesses.
Complexity

4. VALIDITY Instance: A Boolean formula
Problem: To decide if the formula is valid (i.e satisfiable by all possible assignments)
A valid Boolean formula:
An invalid Boolean formula:
Complexity

5. Indeed it doesn’t satisfy x!
VALIDITY is in coNP
Guess an assignment
Verify it doesn’t satisfy the formula
(x)=F x
Indeed it doesn’t satisfy x!
Complexity

6. Using what we Know about NP
By definition, the complement of every NP language is in coNP.
The complement of a coNP language is NP.
VALIDITY is in coNP!
Since SAT is in NP...
Complexity

7. P  coNP: As coP = P, and P  NP
NP and coNP P NP
coNP
P  coNP: As coP = P, and P  NP
Complexity

8. NP-Complete & coNP-Complete
L NP-Complete  Lc coNP-Complete.
AcNP R
LNP-Complete
AcoNP R
LccoNP
-Complete
Complexity

9. Does the opposite direction also hold?
NP=P? & coNP=NP?
Claim: P=NP implies coNP=NP.
Proof: P=coP, hence if P=NP, NP=coNP. 
Does the opposite direction also hold?
Complexity

10. coNP=NP? & Completeness in coNP
Claim: If a coNP-Complete problem L is in NP, under Karp reduction, then coNP=NP.
Proof: in that case, any AcoNP, must be in NP
AcoNP
ANP R
LcoNP-Complete
LNP
Complexity

11. What’s coNP’s Proper Position?
Complexity

12. Here It Is! Open question: Are NP\coNP, coNP\NP actually empty? P NP
Complexity

13. PRIMES Instance: A number in binary representation.
Problem: To decide if this number is prime.
Yes instance:
10111
No instance:
10110
Complexity

14. Is Primes in P ?! What’s the problem with the following algorithm?
Input: a number N
Output: is N prime?
for i in 2..N do
for j in 2..N do
if i*j=N, return FALSE
return TRUE
Complexity

15. Don’t forget to make sure this takes
PRIMES is in coNP
Don’t forget to make sure this takes
polynomial time
Given a number N
Guess two numbers i and j
Verify i*j=N
. . . 1 #
. . . 1 # 
Complexity

16. 5 is prime. What are its primitive roots?
PAP
Is PRIMES in NP?
Claim: A number p > 2 is prime iff  a number 1<r<p (called primitive root) s.t
1) rp-1 = 1 (mod p)
2)  prime divisor q of p-1: r(p-1)/q 1 (mod p)
5 is prime. What are its primitive roots?
Complexity

17. Pratt’s Theorem Pratt’s Theorem: PRIMES is in NPcoNP.
Proof: Assuming the above claim we need to find some type of a guess that can be easily verify...
Complexity

18. What Can We Get By Guessing r?
We first need to verify rp-1=1 (mod p)
BUT rp-1 mod p requires only poly-space
rp-1 can be super-exponential!
Complexity

19. What Can We Get By Guessing r?
We first need to verify rp-1=1 (mod p)
Performing p-1 multiplications is not polynomial!
But you can start with r and square log(p-1) times!
Complexity

20. Verifying the Second Requirement
Next we need to verify, that  prime divisor q of p-1: r(p-1)/q 1 (mod p)
Lemma: Any n>1 has klogn prime divisors.
Proof: Denote the prime divisors of n by q1,...,qk. Note that nq1·... ·qk and all qi2. Thus n2k, i.e - klogn. 
Complexity

21. Verifying the Second Requirement
Next we need to verify, that  prime divisor q of p-1: r(p-1)/q 1 (mod p)
How would you find the prime divisors of p-1?
Obviously I wouldn’t!
I’d just guess them!
Complexity

22. Verifying the Second Requirement
Next we need to verify, that  prime divisor q of p-1: r(p-1)/q 1 (mod p)
How would you verify they are prime?
Exactly the same way!
Complexity

23. Make sure it’s succinct
Claim  Theorem
The certificate that a natural p is a prime is the following:
p=2 C(p)=()
p>2 C(p)=(r,q1,C(q1),...,qk,C(qk))
Make sure it’s succinct
Complexity

24. Make sure it takes poly-time
The Verification
1. If p=2, accept
2. Otherwise, verify rp-1=1 (mod p).
3. Check that p can be reduced to 1 by repeated divisions by the qi’s.
4. Check r(p-1)/qi1 (mod p) for all the qi’s.
5. Recursively apply this algorithm upon every qi,C(qi)
Make sure it takes poly-time
Complexity

25. Proof of Claim
Need to show that every prime satisfies both conditions and
that any number satisfying both conditions is a prime
Complexity

26. Observe: For any prime p, (p)={1,...,p-1}
Euler’s Function
(n) = { m | 1 m < n AND gcd(m,n)=1 }
Euler’s function: (n)=|(n)|
Example:
(12)={1,2,3,4,5,6,7,8,9,10,11}
(12)=4
Observe: For any prime p, (p)={1,...,p-1}
Complexity

27. Fermat’s Little Theorem
Fermat’s Little Theorem: Let p be a prime number  0 < a < p, ap-1 =1 (mod p)
p=5; a=2
25-1 mod 5 = 16 mod 5 = 1
Example:
Complexity

28. Observation 0<a<p, a·(p):={a·m (mod p) | m(p)} = (p)
Example: 1 2 4 3
(5)
·2 (mod 5) 2 4 1 3
Complexity

29. Fermat’s Theorem: Proof
Therefore, for any 0<a<p:
 0 (mod p)
Complexity

30. Generalization Claim: For all a(n) , a(n)=1 (mod n). Example:
Complexity

31. Generalization: Proof
Again: For any a(n), a·(n)=(n)
Again: m(n)m  0 (mod n) 1 3 5 7
(8)
Example:
* (mod 8)
And the claim follows. 
Complexity

32. What have we got So Far
We know if p is prime condition (1) holds for all a
For non prime n, condition (1) may hold for some a but then a(n)=1 (mod n) as well, hence an-1-(n)=1 (mod n)
Complexity

33. Exponents
Def: If m(p), the exponent of m is the smallest integer k > 0 such that mk=1 (mod p).
Example:
p=7, m=4(7),
the exponent of 4 is 3.
Complexity

34. All Residues Have Exponents
Let s  (p).
 j > i  N that satisfy si=sj (mod p).
si is indivisible by p.
 sj-i=1 (mod p).
Complexity

35. Regarding Exponents
Observation: The only powers of m that are 1 (mod p) are multiplies of its exponent!
Assuming rp-1 = 1 (mode p), by Fermat’s theorem, r’s exponent divides p-1
Complexity

36. Non Primes Must Fail For a non prime n: It must be that (p) < p-1.
Assume there is r s.t rp-1=1 (mod p)
We’ve shown r(p)=1 (mod p)
So there is also a prime divisor q of p-1, s.t r(p-1)/q =1 mod p.
We may conclude: if both conditions hold p is prime!
Complexity

37. An Equivalent Definition of Euler’s Function Using Prime Divisors
Let p be a prime divisor of n.
The probability p divides a candidate is 1/p.
Thus: 2 6 4 1 7
. . . 3 5
n-1
all the residues modulo n are candidates for (n)
Complexity

38. Corollaries Corollary: If gcd(m,n)=1, (mn)=(m)(n). Proof: 
(6)=|{1,5}|=2
(2)=|{1}|=1
(3)=|{1,2}|=2 
Complexity

39. The Chinese Remainder Theorem
The Chinese Remainder Theorem: If n is the product of distinct primes p1,...,pk, for each k-tuple of residues (r1,...,rk), where ri(pi), there is a unique r(n), where ri=r mod pi for every 1ik.
21=7·3
(21)={1,2,4,5,8,10,11,13,16,17,19,20}
(3) ={1,2}
(7) ={1,2,3,4,5,6}
Complexity

40. The Chinese Remainder Theorem
Proof: If n is the product of distinct primes p1,...,pk, then (n)=1ik(pi-1). This means |(n)|=|(p1)...(pk)|. The following is a 1-1 correspondence between the two sets: r
(r mod p1,...,r mod pk)
Complexity

41. Another Property of the Euler Function
Claim: m|n(m)=n.
Example:
m|12(m)=
(1) + (2) + (3) + (4) + (6) + (12)=
|{1}| + |{1}| + |{1,2}| + |{1,3}| + |{1,5}| + |{1,5,7,11}|=
= 12
Complexity

42. Another Property of the Euler Function
Claim: m|n(m)=n.
Proof: Let 1ilpiki be the prime factorization of n.
(n)=np|n(1-1/p)
m|n(m)=
Since (ab)=(a)(b)
telescopic sum
Complexity

43. Group together Residues with Same Exponent
Fix a p and let R(k) denote the number of residues with exponent k.
If k does not divide p-1, R(k)=0.
Can you upper bound R(k)?
Complexity

44. Polynomials Have Few Roots
Claim: Any polynomial of degree k that is not identically zero has at most k distinct roots modulo p.
Proof: By induction on k. Trivially holds for k=0. Suppose it also holds for some k-1.
By way of contradiction, assume x1,...,xk+1 are roots of (x)=akxk+...+a0.
’(x)= (x)-ak1ik(x-xi) is of degree k-1 and not identically zero.
x1,...,xk are its roots - Contradiction! 
Complexity

45. How Many Residues Can Share an Exponent?
Conclusion: There are at most k residues of exponent k.
Claim: R(k) ≤ (k)
Proof:
Let s be a residue of exponent k.
(1,s,s2,…,sk-1) are k distinct solutions of xk=1 (mod p) (why?)
If sl has exponent k, l(k) (otherwise its exponent is lower).
Complexity

46. All p-1 residues have exponents
Summing Up
= p-1
p-1 =
m|n(m)=n
All p-1 residues have exponents
Complexity

47. Summing Up R(k)=(k) for all divisors of p-1 R(p-1) = (p-1) > 0
p has at least one primitive root
Complexity

48. Where Do We Stand?
We’ve shown every prime has a primitive root. Hence any prime satisfied both conditions
We’ve previously shown any non prime does not satisfy both conditions
Complexity

49. Q.E.D!
This finally proves the validity of our alternative characterization of primes,
which implies that PRIMES is in NP.
Complexity

50. Place PRIMES
PRIMES P NP
coNP
Complexity

51.  Summary We’ve studied the complexity class coNP,
and explored the relations between coNP and other classes, such as P and NP.
We’ve introduced PRIMES and showed it’s in NPcoNP, though it’s believed not to be in P. 
Complexity