1. Pseudorandom Bits for Constant-Depth Circuits with Few Arbitrary Symmetric Gates Emanuele Viola Harvard University June 2005

2. Efficiently Computable Big Stretch s(n) À n ( e.g. s(n) = n  (1) ) Fools small circuits: 8 small C Pr X, |X| = s(n) [ C(X) = 1 ] ¼ Pr , |  | = n [ C(PRG(  )) = 1 ] Pseudorandom Generator (PRG) [BM,Y,NW] PRG

3. PRG ) derandomization: BP ¢ P ( EXP [Y,NW,…] PRG, circuit lower bounds: EXP  P/poly [NW,BFNW,STV,SU,…] Open Problem: PRG exist? This Work: study restricted PRG Only fool constant-depth circuits We know lower bounds for constant-depth circuits Do PRG Exist?

4. Constant-depth circuit = PRG that fools constant-depth circuit As before, but only fools small constant-depth circuit C Pr X, |X| = s(n) [ C(X) = 1 ] ¼ Pr , |  | = n [ C(PRG(  )) = 1 ] PRG that fools constant-depth circuits x 1 : x 1 x 2.... : x s Depth PRG

5. Previous Results [N’91] PRG : {0,1} n ! {0,1} s(n) s(n) = 2 n , fools AC 0 = Applications: BP ¢ AC  ( EXP, more in [NW,HVV,V] [LVW’93] PRG : {0,1} n ! {0,1} s(n) s(n) = n  log n, fools SYM ○ AND = SYM = arbitrary symmetric gate E.g., SYM = PARITY, MAJORITY x 1 : x 1 x 2..... : x s ÆÆÆÆÆÆÆÆ Ç ÇÇÇÇÇ Æ SYM ÆÆÆÆÆÆ x 1 : x 1 x 2.... : x s

6. Theorem[This Work]: PRG : {0,1} n ! {0,1} s(n) with s(n) = n  log n fools AC 0 with  log 2 n SYM = Improves on [LVW93] Fools richer class than [N91] but worse stretch BP ¢ (AC 0 with few SYM) ( EXP Currently richest BP ¢ class one can derandomize Our Results ÆÆÆÆÆÆ ÇÇÇÇ SYM x 1 : x 1 x 2.... : x s

7. [NW] style Input = 1101010101110110101110 Output = 101010 …........1 ……….....1010100 f = © = PARITY [RW] The Pseudorandom Generator f x 1............. x n Æ © Æ  ©©  ©© 

8. Outline Why previous results/techniques do not suffice For PRG need new average-case lower bound for AC 0 with few SYM Proof sketch of average-case lower bound

9. Known Lower Bounds Recall AC 0 with  log 2 n SYM = [H,BNS,HG,RW,HM,CH]: f 2 P that requires AC 0 circuits with  log 2 n SYM of size n  log n Often, lower bound ) PRG. But NOT this time! ÆÆÆÆÆÆ ÇÇÇÇ SYM x 1 : x 1 x 2.... : x s

10. Standard Approach [BFNW,STV,SU,…] [NW] Def. f : {0,1} n ! {0,1} average-case hard for C if 8 small C 2 C Pr x [C(x)  f(x)] ¸ ½ - n -  (1) To construct PRG that fools C (e.g. AC 0 with few SYM) h hard for C f hard on average for C PRG that fools C

11. Standard Approach Fails h hard for C f hard on average for C PRG that fools C Proving correctness 9 C 2 C C = h 9 C 2 C comp. f on average 9 C 2 C breaks PRG Problem: requires C ¶ TC 0. Is TC 0 ¶ NEXP? [RR] Conjecture [V]: Black-box construction ) C ¶ TC 0 To construct PRG that fools C (e.g. AC 0 with few SYM)

12. C = AC 0 with few SYM Our vs. Previous Lower Bounds [H,BNS,HG,RW,HM,CH] not average-case hard Theorem[This Work]: There is f 2 P s.t. 8 AC 0 circuit C of size n  log n with  log 2 n SYM Pr x [C(x)  f(x)] ¸ ½ - n  log n h hard for C f hard on average for C PRG that fools C

13. Tools: Random restrictions  [FSS,H,…] –  : {x 1, x 2,…, x s } ! {0,1,*}, C|  subcircuit on *’s Communication complexity bound for GIP [BNS] Theorem[This Work]: GIP ○ PARITY is average-case hard for small AC 0 circuits with few SYM Proof sketch: C small AC 0 circuit with few SYM. W.h.p. over random restriction  E 1 : GIP ○ PARITY|  ¼ GIP ) high comm. complexity E 2 : C|  computable with low comm. complexity E 1 and E 2 ) C|  (x)  GIP(x) Q.E.D. Proof Sketch

14. ``Number on the forehead’’ model [CFL] –k-parties want to compute f(x) –x partitioned in k blocks ! –i-th party knows all x but x i –Communication = broadcast Generalized Inner Product. GIP(x) = Lemma[BNS]: Low communication complexity protocol P ) Pr x [P(x)  GIP(x)] ¸ ½ - n  log n –k =.5 log n –Proof uses discrepancy method, [CT,R] Multiparty Communication Complexity Æ © n k x 1.......... x nk Æ k x 1 x 2  x k

15. C|  low communication complexity Restriction [FSS,…]  map variables to {0,1,*} –R p = uniform distribution, Pr[  (x i ) = *] = p –C|  subcircuit. New input bits = * Lemma: C small AC 0 circuit with  log 2 n SYM W.h.p. over  2 R p, C|  low comm. complexity –p = 1/n  First prove 1 SYM, then  log 2 n SYM

16. 1 SYM gate Lemma: C small AC 0 circuit with 1 SYM W.h.p. over  2 R p, C|  low comm. complexity Proof [H,B,HM]: ÆÆÆÆÆÆÆÆ Ç ÇÇÇÇ SYM  = ÆÆÆÆÆÆ k-1 Ç 01**00*001**10*0 ********************* Note: Æ Fan-in < # players = k

17. 1 SYM gate Lemma: C small AC 0 circuit with 1 SYM W.h.p. over  2 R p, C|  low comm. complexity Proof [HG]: SYM ○ AND k-1 low comm. for k players – 8 AND 9 party that can compute it (fan-in < k = # blocks) –Parties broadcast # AND = 1 –Communication = k ¢ log(size of circuit) Q.E.D. SYM ÆÆÆÆÆÆ k-1 x 1 x 2  x k

18. More SYM gates Lemma: C small AC 0 circuit with  log 2 n SYM W.h.p. over  2 R p, C|  low comm. complexity Proof: Consider following protocol ÆÆÆÆÆÆ ÇÇÇÇ SYM 3 SYM 2 SYM 1 x 1 : x 1 x 2...... : x s

19. Lemma: C small AC 0 circuit with  log 2 n SYM W.h.p. over  2 R p, C|  low comm. complexity Proof: Previous lemma ) low communication complexity More SYM gates ÆÆÆÆÆÆ ÇÇÇÇ SYM 2 SYM 1 SYM 3  x 1 : x 1 x 2...... : x s

20. Lemma: C small AC 0 circuit with  log 2 n SYM W.h.p. over  2 R p, C|  low comm. complexity Proof: Parties compute value of SYM gate More SYM gates ÆÆÆÆÆÆ ÇÇÇÇ SYM 2 1 SYM 3  x 1 : x 1 x 2...... : x s

21. More SYM gates Lemma: C small AC 0 circuit with  log 2 n SYM W.h.p. over  2 R p, C|  low comm. complexity Proof: Previous lemma ) low communication complexity ÆÆÆÆÆÆ SYM 2 1 ÇÇÇÇ SYM 3  x 1 : x 1 x 2...... : x s

22. Lemma: C small AC 0 circuit with  log 2 n SYM W.h.p. over  2 R p, C|  low comm. complexity Proof: Parties compute value of SYM gate More SYM gates ÆÆÆÆÆÆ 0 1 ÇÇÇÇ SYM 3  x 1 : x 1 x 2...... : x s

23. More SYM gates Lemma: C small AC 0 circuit with  log 2 n SYM W.h.p. over  2 R p, C|  low comm. complexity Proof: Previous lemma ) low communication complexity ÆÆÆÆÆÆ ÇÇÇÇ SYM 3 0 1  x 1 : x 1 x 2...... : x s

24. More SYM gates Lemma: C small AC 0 circuit with  log 2 n SYM W.h.p. over  2 R p, C|  low comm. complexity Proof: Parties compute value of SYM gate ÆÆÆÆÆÆ ÇÇÇÇ 1 0 1 Æ  x 1 : x 1 x 2...... : x s

25. More SYM gates Lemma: C small AC 0 circuit with  log 2 n SYM W.h.p. over  2 R p, C|  low comm. complexity Proof: Total communication = communication for 1 SYM X # SYM Q.E.D. Union bound over 2 #SYM circuitslimits # SYM. Open Problem: Better analysis?

26. Lemma[BNS]: Low communication complexity protocol P ) Pr x [P(x)  GIP(x)] ¸ ½ - n  log n Lemma: C small AC 0 circuit with  log 2 n SYM W.h.p. over  2 R p, C|  low comm. complexity Want Theorem: There is f 2 P s.t. 8 AC 0 circuit C of size n  log n with  log 2 n SYM gates Pr x [C(x)  f(x)] ¸ ½ - n  log n Summary of Lemmas

27. Proof: f = GIP ○ PARITY = C small AC 0 circuit with  log 2 n SYM Random Input x = random  + random y for the * E 1 : f |  ¼ GIP ) high comm. complexity –E 1 ( each bottom PARITY has * E 2 : C|  low comm. complexity Pr x [C(x)  f  (x)] ¸ Pr , y [ C|  (y)  f|  (y) | E 1, E 2 ] Pr [ E 1, E 2 ] = Pr y [ P(y)  GIP(y) ] ( 1 - n  log n ) ¸ ( ½ - n  log n ) Q.E.D. x 1................ x n Æ © Æ  ©©  ©© 

28. Theorem[This Work]: PRG : {0,1} n ! {0,1} s(n) with s(n) = n  log n fools AC 0 with  log 2 n SYM Improves [LVW93], fools richer class than [N91] Currently richest BP ¢ class one can derandomize Obtained from average-case hardness result Conj.: PRG from worst-case hardness ) C ¶ TC 0 Open problems:  (log 2 n) SYM? EXP average-case hard for GF(2) poly of deg. log n ? Conclusion