Probabilistic verification Mario Szegedy, Rutgers www/cs.rutgers.edu/~szegedy/07540 Lecture 5.

Probabilistic verification Mario Szegedy, Rutgers www/cs.rutgers.edu/~szegedy/07540 Lecture 5

C= (n,k,d) q codes n = Block length k = Information length d = Distance k/n = Information rate d/n = Distance rate q = Alphabet size

Linear Codes C = {x | x Є L} (L is a linear subspace of F q n ) Δ(x,y) = Δ(x-z,y-z) min Δ(0,x) = min Δ(x,y) x,y Є L k = dimension of the message space = dim L n = dimension of the whole space (in which the code words lie) Generator matrix: {xG | x Є F q k } “Parity” check matrix: {y Є F q n | yH = 0}

Reed-Solomon codes The Reed–Solomon code is an error-correcting code that works by oversampling a polynomial constructed from the data.error-correcting code oversamplingpolynomial C is a [n, k, n-k+1] code; in other words, it is a linear code of length n (over F) with dimension k and minimum distance n-k+1.linear codedimension

Welch-Berlekamp decoding algorithm for RS codes Length = n (n ≤ |F|) Degree = k # of errors =e We assume: k+2e < n. Received code word = y E = non-zero polynomial that is zero at the bad “bits” of y y E = B. deg E ≤ e deg B ≤ e + k NOTATION: I.v = w (exc e) means “word v is the same as word w except at e places) II.v = w (exc H) means “word v is the same as word w except on set H) We have P = y (exc Err), where P is the encoded word, and |Err| ≤ e. We can find E and B such that y E = B by solving a system of linear equations: E 0 + E 1 f j + E 2 f j 2 + … + E e f j e = y j B 0 + y j B 1 f j + y j B 2 f j 2 + … + y j B e f j e+k (1 ≤ j ≤ n)

Welch-Berlekamp decoding algorithm for RS codes Since P = y (exc Err), it follows that PE = yE = B (exc Err), But deg PE = k + e, and deg B = k + e, and since k+e < n–e, we have PE = B. Now we can easily recover P by simply dividing polynomial B by E.

Generalization of the WB algorithm C is a general code (replacing RS) α. A * C is a subset of B β. dim A > e γ. d(B) > e δ. d(A) + d(C) ≥ n solve y a = b (we need β. for such non-zero a to exist) let c be the code word we are looking for ca = ya = b (exc Err) → ca = b, since ca Є B. → → b/a = c (exc zeros(a)) → b/a = c (exc n – d(A)) → we can recover c α.,γ. δ.δ.

Multi-variate polynomials Two variate polynomial of multi-degree (2,2): General n variate polynomial: P(x 1,x 2,…,x n ) = P(x) = Σ α a α x α

Multi-degree deg y deg x Multi-degree (3,5) x3y5x3y5 x2y3x2y3

Multi-degree deg x deg y General multi-degree pattern. Multi-degree polynomials of a fix pattern form a vector space over F.

Multi-degree deg x deg y Under multiplication degree patterns add like vectors P → P + P

Total degree d deg x deg y for each coeff vector α in P(x) we have Σ i α i ≤ d total degree 5 leading terms

LEMMA: Let S be a subset of a field F, |S|=d+1 ≥ 1. Then any function from S n to F has a unique extension to a multi-degree (d,…,d) polynomial. PROOF: 1.there exists a low degree extension: By linearity it is enough to show that any function that takes a single non-zero value has an extension. Assume the non-zero value is taken over (a 1,a 2,…,a n ). Then over S it can be expressed as: const ∙ Π i Π s ( x i - s ) s runs through S, but leaves out a i

LEMMA: Let S be a subset of a field F, |S|=d+1 ≥ 1. Then any function from S n to F has a unique extension to a multi-degree (d,…,d) polynomial. 2. The low degree extension is unique: Because of linearity it is enough to show that the identically zero function on S n has a unique extension (which is the 0 polynomial). In 1 dimension this follows from the fact that a degree d polynomial cannot have more than d roots. Assume that we have proven the statement for d-1. → If we fix x i to any constant s in S, we get an identically zero polynomial. → Now fix all the other variables (anyhow), except x i, we get a polynomial taking zeros on all points of S. → All such uni-variate polynomial has to take zero everywhere. → P(x)=0.

0 xixi All other variables d+1 (d+1) n-1

Zippel’s lemma THEOREM (Schwartz-Zippel). Let be a polynomial of degree d over a field, F. Let S be a finite subset of F and let be selected randomly from S. Thendegree

PROOF: Induction on n. For n = 1, P can have at most d roots. This gives us the base case. Now, assume that the theorem holds for all polynomials in n − 1 variables. We can then consider P to be a polynomial in x 1 by writing it as Since P is not identically 0, there is some i such that P i is not identically 0. Take the largest such i. Then.

PROOF: Induction on n. For n = 1, P can have at most d roots. This gives us the base case. Now, assume that the theorem holds for all polynomials in n − 1 variables. We can then consider P to be a polynomial in x 1 by writing it as Since P is not identically 0, there is some i such that P i is not identically 0. Take the largest such i. Then. Now we randomly pick. from S. By the induction hypothesis,

PROOF: Induction on n. For n = 1, P can have at most d roots. This gives us the base case. Now, assume that the theorem holds for all polynomials in n − 1 variables. We can then consider P to be a polynomial in x 1 by writing it as Since P is not identically 0, there is some i such that P i is not identically 0. Take the largest such i. Then. Now we randomly pick. from S. By the induction hypothesis, If then is of degree i.

Event A: Event B:

Maximal number of zeros of a multi-degree (d,…,d) polynomial q n – (q – d) n Homework

Probabilistic verification Mario Szegedy, Rutgers www/cs.rutgers.edu/~szegedy/07540 Lecture 5.

Similar presentations

Presentation on theme: "Probabilistic verification Mario Szegedy, Rutgers www/cs.rutgers.edu/~szegedy/07540 Lecture 5."— Presentation transcript:

Similar presentations

About project

Feedback

Log in

Auth with social network:

Probabilistic verification Mario Szegedy, Rutgers www/cs.rutgers.edu/~szegedy/07540 Lecture 5.

Similar presentations

Presentation on theme: "Probabilistic verification Mario Szegedy, Rutgers www/cs.rutgers.edu/~szegedy/07540 Lecture 5."— Presentation transcript:

Similar presentations

About project

Feedback