Presentation is loading. Please wait.

Presentation is loading. Please wait.

Probabilistically Checkable Proofs Madhu Sudan MIT CSAIL 09/23/20091Probabilistic Checking of Proofs TexPoint fonts used in EMF. Read the TexPoint manual.

Published byWhitney Stevenson Modified over 9 years ago

Similar presentations

Presentation on theme: "Probabilistically Checkable Proofs Madhu Sudan MIT CSAIL 09/23/20091Probabilistic Checking of Proofs TexPoint fonts used in EMF. Read the TexPoint manual."— Presentation transcript:

1 Probabilistically Checkable Proofs Madhu Sudan MIT CSAIL 09/23/20091Probabilistic Checking of Proofs TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: A A A A

2 Can Proofs Be Checked Efficiently? The Riemann Hypothesis is true (12 th Revision) By Ayror Sappen # Pages to follow: 15783 09/23/20092 Probabilistic Checking of Proofs

3 Proofs and Theorems Conventional belief: Proofs need to be read carefully to be verified. Conventional belief: Proofs need to be read carefully to be verified. Modern constraint: Don’t have the time (to do anything, leave alone) read proofs. Modern constraint: Don’t have the time (to do anything, leave alone) read proofs. This talk: This talk: New format for writing proofs. New format for writing proofs. Efficiently verifiable probabilistically, with small error probability. Efficiently verifiable probabilistically, with small error probability. Not much longer than conventional proofs. Not much longer than conventional proofs. 09/23/20093 Probabilistic Checking of Proofs

4 Outline of talk Quick primer on the Computational perspective on theorems and proofs (proofs can look very different than you’d think). Quick primer on the Computational perspective on theorems and proofs (proofs can look very different than you’d think). Definition of Probabilistically Checkable Proofs (PCPs). Definition of Probabilistically Checkable Proofs (PCPs). Some overview of “ancient” (15 year old) and “modern” (3 year old) PCP constructions. Some overview of “ancient” (15 year old) and “modern” (3 year old) PCP constructions. 09/23/20094 Probabilistic Checking of Proofs

5 Theorems: Deep and Shallow A Deep Theorem: A Deep Theorem: Proof: (too long to fit in this section). Proof: (too long to fit in this section). A Shallow Theorem: A Shallow Theorem: The number 3190966795047991905432 has a divisor between 25800000000 and 25900000000. The number 3190966795047991905432 has a divisor between 25800000000 and 25900000000. Proof: 25846840632. Proof: 25846840632. 8 n ¸ 3, x n + y n  z n 09/23/20095 Probabilistic Checking of Proofs

6 Computational Perspective Theory of NP-completeness: Theory of NP-completeness: Every (deep) theorem reduces to shallow one. Every (deep) theorem reduces to shallow one. Given theorem T and bound n on length of proof, there exist integers A,B,C between 0 and 2 n O(1) such that A has a divisor between B and C iff T has a proof of length n. Given theorem T and bound n on length of proof, there exist integers A,B,C between 0 and 2 n O(1) such that A has a divisor between B and C iff T has a proof of length n. Shallow theorem easy to compute from deep. Shallow theorem easy to compute from deep. A,B,C computable from T in time poly(n). A,B,C computable from T in time poly(n). Shallow proofs are not much longer. Shallow proofs are not much longer. 09/23/20096 Probabilistic Checking of Proofs [Kilian]

7 P & NP P = Easy Computational Problems P = Easy Computational Problems Solvable in polynomial time Solvable in polynomial time (E.g., Verifying correctness of proofs) (E.g., Verifying correctness of proofs) NP = Problems whose solution is easy to verify NP = Problems whose solution is easy to verify (E.g., Finding proofs of mathematical theorems) (E.g., Finding proofs of mathematical theorems) NP-Complete = Hardest problems in NP NP-Complete = Hardest problems in NP Is P = NP? Is P = NP? Is finding a solution as easy as specifying its properties? Is finding a solution as easy as specifying its properties? Can we replace every mathematician by a computer? Can we replace every mathematician by a computer? Wishing = Working! Wishing = Working! 09/23/20097 Probabilistic Checking of Proofs

8 More Broadly: New formats for proofs New format for proof of T: Divisor D (A,B,C don’t have to be specified since they are known to (computable by) verifier.) New format for proof of T: Divisor D (A,B,C don’t have to be specified since they are known to (computable by) verifier.) Theory of Computation replete with examples of such “alternate” lifestyles for mathematicians (formats for proofs). Theory of Computation replete with examples of such “alternate” lifestyles for mathematicians (formats for proofs). Equivalence: (1) new theorem can be computed from old one efficiently, and (2) new proof is not much longer than old one. Equivalence: (1) new theorem can be computed from old one efficiently, and (2) new proof is not much longer than old one. Question: Why seek new formats? What Question: Why seek new formats? What benefits can they offer? benefits can they offer? Can they help ? 09/23/20098 Probabilistic Checking of Proofs

9 Probabilistically Checkable Proofs How do we formalize “formats”? How do we formalize “formats”? Answer: Formalize the Verifier instead. “Format” now corresponds to whatever the verifier accepts. Answer: Formalize the Verifier instead. “Format” now corresponds to whatever the verifier accepts. Will define PCP verifier (probabilistic, errs with small probability, reads few bits of proof) next. Will define PCP verifier (probabilistic, errs with small probability, reads few bits of proof) next. 09/23/20099 Probabilistic Checking of Proofs

10 V 0 1 0 T P PCP Verifier 1.Reads Theorem 2. Tosses coins 3. Reads few bits of proof 4. Accepts/Rejects. 010010100101010101010 HTHTTH 09/23/200910 Probabilistic Checking of Proofs T invalid ) 8 P, V accepts w.p. · 1/2 T valid ) 9 P s.t. V accepts w.p. 1

11 Features of interest Number of bits of proof queried must be small (constant?). Number of bits of proof queried must be small (constant?). Length of PCP proof must be small (linear?, quadratic?) compared to conventional proofs. Length of PCP proof must be small (linear?, quadratic?) compared to conventional proofs. Optionally: Classical proof can be converted to PCP proof efficiently. (Rarely required in Logic.) Optionally: Classical proof can be converted to PCP proof efficiently. (Rarely required in Logic.) Do such verifiers exist? Do such verifiers exist? PCP Theorem [Arora, Lund, Motwani, S., Szegedy, 1992]: They do; with constant queries and polynomial PCP length. PCP Theorem [Arora, Lund, Motwani, S., Szegedy, 1992]: They do; with constant queries and polynomial PCP length. [2006] – New construction due to Dinur. [2006] – New construction due to Dinur. 09/23/200911 Probabilistic Checking of Proofs

12 Part II – Ingredients of PCPs 09/23/200912 Probabilistic Checking of Proofs

13 Essential Ingredients of PCPs Locality of error: Locality of error: If theorem is wrong ( and so “proof” has an error ), then error in proof can be pinpointed locally ( found by verifier that reads only few bits of proof ). If theorem is wrong ( and so “proof” has an error ), then error in proof can be pinpointed locally ( found by verifier that reads only few bits of proof ). Abundance of error: Abundance of error: Errors in proof are abundant ( easily seen in random probes of proof ). Errors in proof are abundant ( easily seen in random probes of proof ). How do we construct a proof system with these features? How do we construct a proof system with these features? 09/23/200913 Probabilistic Checking of Proofs

14 3-Coloring 3-Coloring g d e f c b a Locality: From NP-completeness Color vertices s.t. endpoints of edge have different colors. is NP-complete: T P a c d b e f g 09/23/200914 Probabilistic Checking of Proofs

15 To verify To verify Verifier constructs Verifier constructs Expects as proof. Expects as proof. To verify: Picks an edge and verifies endpoints distinctly colored. To verify: Picks an edge and verifies endpoints distinctly colored. Error: Monochromatic edge = 2 pieces of proof. Error: Monochromatic edge = 2 pieces of proof. Local! But errors not frequent. Local! But errors not frequent. 3-Coloring Verifier: T 09/23/200915 Probabilistic Checking of Proofs

16 Amplifying Error: Algebraic Approach Graph = E: V £ V  {0,1} Graph = E: V £ V  {0,1} Place V in finite field F (V µ F ) Place V in finite field F (V µ F ) Extend E to a polynomial E (x,y) Extend E to a polynomial E (x,y) E : F £ F  F E : F £ F  F E | V £ V = E E | V £ V = E Coloring =  : V  {0,1,2} Coloring =  : V  {0,1,2} Extend to  : F  F Extend to  : F  F 3-colors: 8 x 2 V,  (x) ¢ (  (x)-1) ¢ (  (x)-2) = 0 3-colors: 8 x 2 V,  (x) ¢ (  (x)-1) ¢ (  (x)-2) = 0 Validity: 8 x,y 2 V, Validity: 8 x,y 2 V, E (x,y) ¢  j 2 {-2,-1,1,2} (  (x)-  (y)-j) = 0 E (x,y) ¢  j 2 {-2,-1,1,2} (  (x)-  (y)-j) = 0 09/23/2009 Probabilistic Checking of Proofs 16

17 Algebraic theorems and proofs Algebraic Theorems: Algebraic Theorems: For V µ F, operators A, B, C; deg. bound d, For V µ F, operators A, B, C; deg. bound d, 9 Â of degree d s.t. A( Â ), B( Â ), C( Â ) zero on V. 9 Â of degree d s.t. A( Â ), B( Â ), C( Â ) zero on V. Algebraic Proofs: Algebraic Proofs: Evaluations of Â, A( Â ), B( Â ), C( Â ). Evaluations of Â, A( Â ), B( Â ), C( Â ). Additional stuff, e.g., to prove zero on V Additional stuff, e.g., to prove zero on V Verification? Verification? Low-degree testing (Verify degrees) Low-degree testing (Verify degrees) ~ “Discrete rigidity phenomena”? ~ “Discrete rigidity phenomena”? Test consistency Test consistency ~ Error-correcting codes! ~ Error-correcting codes! 09/23/200917Probabilistic Checking of Proofs

18 Some details E.g. to show  ¢ (  – 1) ¢ (  – 2) = 0 on V. E.g. to show  ¢ (  – 1) ¢ (  – 2) = 0 on V. 09/23/2009Probabilistic Checking of Proofs18 Checks: Verify degree of Consistency of Â, ¡, ¢

19 More details Extends also to bivariate polynomials ( E (x,y)) Extends also to bivariate polynomials ( E (x,y)) Immediately yields PCP with O(log n) queries, where n is (classical) proof size. Immediately yields PCP with O(log n) queries, where n is (classical) proof size. But leads to improvement by “composition”: But leads to improvement by “composition”: Verifier’s task has reduced in complexity from verifying statements of length n, to verifying statements of length log n. Verifier’s task has reduced in complexity from verifying statements of length n, to verifying statements of length log n. Recurse. Recurse. (includes some cheating) (includes some cheating) 09/23/2009 Probabilistic Checking of Proofs 19

20 Amplifying Error: Graphically Dinur Transformation: There exists a linear-time algorithm A: Dinur Transformation: There exists a linear-time algorithm A: A(G) 3-colorable if G is 3-colorable. A(G) 3-colorable if G is 3-colorable. Fraction of monochromatic edges in A(G) (in any coloring) is twice (minimum) fraction in G Fraction of monochromatic edges in A(G) (in any coloring) is twice (minimum) fraction in G (unless fraction in G is ¸ ² 0 ) A 09/23/200920 Probabilistic Checking of Proofs

21 Graphical amplification Series of applications of A: Series of applications of A: Increases error to absolute constant Increases error to absolute constant Yield PCP Yield PCP Achieve A in two steps: Achieve A in two steps: Step 1: Increase error-detection prob. By converting to (generalized) K-coloring Step 1: Increase error-detection prob. By converting to (generalized) K-coloring Random walks, expanders, spectral analysis of graphs. Random walks, expanders, spectral analysis of graphs. Step 2: Convert K-coloring back to 3-coloring, losing only a small constant in error-detection. Step 2: Convert K-coloring back to 3-coloring, losing only a small constant in error-detection. Testing (~ “ Discrete rigidity phenomenon ” again ) Testing (~ “ Discrete rigidity phenomenon ” again ) 09/23/200921 Probabilistic Checking of Proofs

22 Step 2: (same as in earlier PCPs) Step 2: (same as in earlier PCPs) Step 1: 3-coloring ! K-coloring Step 1: 3-coloring ! K-coloring coloring  (u) ¥ (U) = {  u (N(u))} ! u~v edges U~X (if u~v~w~x) ! vertices u U (= u [ N(u)) ! Some details 09/23/2009 Probabilistic Checking of Proofs 22 constraints  (u)   (v) If u~v~w~x then  u (v)   x (w) ! G A(G) !

23 Conclusion Proof verification by rapid checks is possible. Proof verification by rapid checks is possible. Does not imply math. journals will change requirements! Does not imply math. journals will change requirements! But not because it is not possible! But not because it is not possible! Logic is not inherently fragile! Logic is not inherently fragile! PCPs build on and lead to rich mathematical techniques. PCPs build on and lead to rich mathematical techniques. Huge implications to combinatorial optimization (“inapproximability”) Huge implications to combinatorial optimization (“inapproximability”) Practical use? Practical use? Automated verification of “data integrity” Automated verification of “data integrity” Needs better size tradeoffs Needs better size tradeoffs … and for practice to catch up with theory. … and for practice to catch up with theory. 09/23/200923 Probabilistic Checking of Proofs

24 Thank You! 09/23/200924 Probabilistic Checking of Proofs

Download ppt "Probabilistically Checkable Proofs Madhu Sudan MIT CSAIL 09/23/20091Probabilistic Checking of Proofs TexPoint fonts used in EMF. Read the TexPoint manual."

Similar presentations

Sublinear Algorithms 1 3 2 … Lecture 23: April 20.

Sublinear Algorithms … Lecture 23: April 20.
Weighted Matching-Algorithms, Hamiltonian Cycles and TSP

Weighted Matching-Algorithms, Hamiltonian Cycles and TSP
Approximate List- Decoding and Hardness Amplification Valentine Kabanets (SFU) joint work with Russell Impagliazzo and Ragesh Jaiswal (UCSD)

Approximate List- Decoding and Hardness Amplification Valentine Kabanets (SFU) joint work with Russell Impagliazzo and Ragesh Jaiswal (UCSD)
C&O 355 Lecture 23 N. Harvey TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: A A A A A A A A A A.

C&O 355 Lecture 23 N. Harvey TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: A A A A A A A A A A.
Theory of Computing Lecture 16 MAS 714 Hartmut Klauck.

Theory of Computing Lecture 16 MAS 714 Hartmut Klauck.
Probabilistically Checkable Proofs (and inapproximability) Irit Dinur, Weizmann open day, May 1 st 2009.

Probabilistically Checkable Proofs (and inapproximability) Irit Dinur, Weizmann open day, May 1 st 2009.
Introduction to PCP and Hardness of Approximation Dana Moshkovitz Princeton University and The Institute for Advanced Study 1.

Introduction to PCP and Hardness of Approximation Dana Moshkovitz Princeton University and The Institute for Advanced Study 1.
1/17 Optimal Long Test with One Free Bit Nikhil Bansal (IBM) Subhash Khot (NYU)

1/17 Optimal Long Test with One Free Bit Nikhil Bansal (IBM) Subhash Khot (NYU)
Umans Complexity Theory Lectures Lecture 15: Approximation Algorithms and Probabilistically Checkable Proofs (PCPs)

Umans Complexity Theory Lectures Lecture 15: Approximation Algorithms and Probabilistically Checkable Proofs (PCPs)
PCPs and Inapproximability Introduction. My T. Thai 2 Why Approximation Algorithms  Problems that we cannot find an optimal solution.

PCPs and Inapproximability Introduction. My T. Thai 2 Why Approximation Algorithms  Problems that we cannot find an optimal solution.
1 List Coloring and Euclidean Ramsey Theory TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: A A A A Noga Alon, Tel Aviv.

1 List Coloring and Euclidean Ramsey Theory TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: A A A A Noga Alon, Tel Aviv.
Computability and Complexity 13-1 Computability and Complexity Andrei Bulatov The Class NP.

Computability and Complexity 13-1 Computability and Complexity Andrei Bulatov The Class NP.
1 Adapted from Oded Goldreich’s course lecture notes.

1 Adapted from Oded Goldreich’s course lecture notes.
1 COMPOSITION PCP proof by Irit Dinur Presentation by Guy Solomon.

1 COMPOSITION PCP proof by Irit Dinur Presentation by Guy Solomon.
Locally testable cyclic codes Lászl ó Babai, Amir Shpilka, Daniel Štefankovič There are no good families of locally-testable cyclic codes over. Theorem:

Locally testable cyclic codes Lászl ó Babai, Amir Shpilka, Daniel Štefankovič There are no good families of locally-testable cyclic codes over. Theorem:
The Theory of NP-Completeness

The Theory of NP-Completeness
EXPANDER GRAPHS Properties & Applications. Things to cover ! Definitions Properties Combinatorial, Spectral properties Constructions “Explicit” constructions.

EXPANDER GRAPHS Properties & Applications. Things to cover ! Definitions Properties Combinatorial, Spectral properties Constructions “Explicit” constructions.
Analysis of Algorithms CS 477/677

Analysis of Algorithms CS 477/677
CSE 421 Algorithms Richard Anderson Lecture 27 NP Completeness.

CSE 421 Algorithms Richard Anderson Lecture 27 NP Completeness.
CS151 Complexity Theory Lecture 13 May 11, 2004. CS151 Lecture 132 Outline Natural complete problems for PH and PSPACE proof systems interactive proofs.

CS151 Complexity Theory Lecture 13 May 11, CS151 Lecture 132 Outline Natural complete problems for PH and PSPACE proof systems interactive proofs.

Similar presentations

Ads by Google