# Having Proofs for Incorrectness

## Presentation on theme: "Having Proofs for Incorrectness"— Presentation transcript:

Having Proofs for Incorrectness
coNP Having Proofs for Incorrectness Complexity

Introduction Objectives: Overview:
To introduce the complexity class coNP To explore the primality problem. Overview: coNP: Definition and examples coNP=NP? and NP=P? PRIMES and Pratt’s theorem Complexity

CoNP Def: CoNP is the class of problems that have succinct non-membership witnesses. Complexity

VALIDITY Instance: A Boolean formula
Problem: To decide if the formula is valid (i.e satisfiable by all possible assignments) A valid Boolean formula: An invalid Boolean formula: Complexity

Indeed it doesn’t satisfy x!
VALIDITY is in coNP Guess an assignment Verify it doesn’t satisfy the formula (x)=F x Indeed it doesn’t satisfy x! Complexity

Using what we Know about NP
By definition, the complement of every NP language is in coNP. The complement of a coNP language is NP. VALIDITY is in coNP! Since SAT is in NP... Complexity

P  coNP: As coP = P, and P  NP
NP and coNP P NP coNP P  coNP: As coP = P, and P  NP Complexity

NP-Complete & coNP-Complete
L NP-Complete  Lc coNP-Complete. AcNP R LNP-Complete AcoNP R LccoNP -Complete Complexity

Does the opposite direction also hold?
NP=P? & coNP=NP? Claim: P=NP implies coNP=NP. Proof: P=coP, hence if P=NP, NP=coNP.  Does the opposite direction also hold? Complexity

coNP=NP? & Completeness in coNP
Claim: If a coNP-Complete problem L is in NP, under Karp reduction, then coNP=NP. Proof: in that case, any AcoNP, must be in NP AcoNP ANP R LcoNP-Complete LNP Complexity

What’s coNP’s Proper Position?
Complexity

Here It Is! Open question: Are NP\coNP, coNP\NP actually empty? P NP
Complexity

PRIMES Instance: A number in binary representation.
Problem: To decide if this number is prime. Yes instance: 10111 No instance: 10110 Complexity

Is Primes in P ?! What’s the problem with the following algorithm?
Input: a number N Output: is N prime? for i in 2..N do for j in 2..N do if i*j=N, return FALSE return TRUE Complexity

Don’t forget to make sure this takes
PRIMES is in coNP Don’t forget to make sure this takes polynomial time Given a number N Guess two numbers i and j Verify i*j=N . . . 1 # . . . 1 # Complexity

5 is prime. What are its primitive roots?
PAP Is PRIMES in NP? Claim: A number p > 2 is prime iff  a number 1<r<p (called primitive root) s.t 1) rp-1 = 1 (mod p) 2)  prime divisor q of p-1: r(p-1)/q 1 (mod p) 5 is prime. What are its primitive roots? Complexity

Pratt’s Theorem Pratt’s Theorem: PRIMES is in NPcoNP.
Proof: Assuming the above claim we need to find some type of a guess that can be easily verify... Complexity

What Can We Get By Guessing r?
We first need to verify rp-1=1 (mod p) BUT rp-1 mod p requires only poly-space rp-1 can be super-exponential! Complexity

What Can We Get By Guessing r?
We first need to verify rp-1=1 (mod p) Performing p-1 multiplications is not polynomial! But you can start with r and square log(p-1) times! Complexity

Verifying the Second Requirement
Next we need to verify, that  prime divisor q of p-1: r(p-1)/q 1 (mod p) Lemma: Any n>1 has klogn prime divisors. Proof: Denote the prime divisors of n by q1,...,qk. Note that nq1·... ·qk and all qi2. Thus n2k, i.e - klogn.  Complexity

Verifying the Second Requirement
Next we need to verify, that  prime divisor q of p-1: r(p-1)/q 1 (mod p) How would you find the prime divisors of p-1? Obviously I wouldn’t! I’d just guess them! Complexity

Verifying the Second Requirement
Next we need to verify, that  prime divisor q of p-1: r(p-1)/q 1 (mod p) How would you verify they are prime? Exactly the same way! Complexity

Make sure it’s succinct
Claim  Theorem The certificate that a natural p is a prime is the following: p=2 C(p)=() p>2 C(p)=(r,q1,C(q1),...,qk,C(qk)) Make sure it’s succinct Complexity

Make sure it takes poly-time
The Verification 1. If p=2, accept 2. Otherwise, verify rp-1=1 (mod p). 3. Check that p can be reduced to 1 by repeated divisions by the qi’s. 4. Check r(p-1)/qi1 (mod p) for all the qi’s. 5. Recursively apply this algorithm upon every qi,C(qi) Make sure it takes poly-time Complexity

Proof of Claim Need to show that every prime satisfies both conditions and that any number satisfying both conditions is a prime Complexity

Observe: For any prime p, (p)={1,...,p-1}
Euler’s Function (n) = { m | 1 m < n AND gcd(m,n)=1 } Euler’s function: (n)=|(n)| Example: (12)={1,2,3,4,5,6,7,8,9,10,11} (12)=4 Observe: For any prime p, (p)={1,...,p-1} Complexity

Fermat’s Little Theorem
Fermat’s Little Theorem: Let p be a prime number  0 < a < p, ap-1 =1 (mod p) p=5; a=2 25-1 mod 5 = 16 mod 5 = 1 Example: Complexity

Observation 0<a<p, a·(p):={a·m (mod p) | m(p)} = (p)
Example: 1 2 4 3 (5) ·2 (mod 5) 2 4 1 3 Complexity

Fermat’s Theorem: Proof
Therefore, for any 0<a<p:  0 (mod p) Complexity

Generalization Claim: For all a(n) , a(n)=1 (mod n). Example:
Complexity

Generalization: Proof
Again: For any a(n), a·(n)=(n) Again: m(n)m  0 (mod n) 1 3 5 7 (8) Example: * (mod 8) And the claim follows.  Complexity

What have we got So Far We know if p is prime condition (1) holds for all a For non prime n, condition (1) may hold for some a but then a(n)=1 (mod n) as well, hence an-1-(n)=1 (mod n) Complexity

Exponents Def: If m(p), the exponent of m is the smallest integer k > 0 such that mk=1 (mod p). Example: p=7, m=4(7), the exponent of 4 is 3. Complexity

All Residues Have Exponents
Let s  (p).  j > i  N that satisfy si=sj (mod p). si is indivisible by p.  sj-i=1 (mod p). Complexity

Regarding Exponents Observation: The only powers of m that are 1 (mod p) are multiplies of its exponent! Assuming rp-1 = 1 (mode p), by Fermat’s theorem, r’s exponent divides p-1 Complexity

Non Primes Must Fail For a non prime n: It must be that (p) < p-1.
Assume there is r s.t rp-1=1 (mod p) We’ve shown r(p)=1 (mod p) So there is also a prime divisor q of p-1, s.t r(p-1)/q =1 mod p. We may conclude: if both conditions hold p is prime! Complexity

An Equivalent Definition of Euler’s Function Using Prime Divisors
Let p be a prime divisor of n. The probability p divides a candidate is 1/p. Thus: 2 6 4 1 7 . . . 3 5 n-1 all the residues modulo n are candidates for (n) Complexity

Corollaries Corollary: If gcd(m,n)=1, (mn)=(m)(n). Proof: 
(6)=|{1,5}|=2 (2)=|{1}|=1 (3)=|{1,2}|=2 Complexity

The Chinese Remainder Theorem
The Chinese Remainder Theorem: If n is the product of distinct primes p1,...,pk, for each k-tuple of residues (r1,...,rk), where ri(pi), there is a unique r(n), where ri=r mod pi for every 1ik. 21=7·3 (21)={1,2,4,5,8,10,11,13,16,17,19,20} (3) ={1,2} (7) ={1,2,3,4,5,6} Complexity

The Chinese Remainder Theorem
Proof: If n is the product of distinct primes p1,...,pk, then (n)=1ik(pi-1). This means |(n)|=|(p1)...(pk)|. The following is a 1-1 correspondence between the two sets: r (r mod p1,...,r mod pk) Complexity

Another Property of the Euler Function
Claim: m|n(m)=n. Example: m|12(m)= (1) + (2) + (3) + (4) + (6) + (12)= |{1}| + |{1}| + |{1,2}| + |{1,3}| + |{1,5}| + |{1,5,7,11}|= = 12 Complexity

Another Property of the Euler Function
Claim: m|n(m)=n. Proof: Let 1ilpiki be the prime factorization of n. (n)=np|n(1-1/p) m|n(m)= Since (ab)=(a)(b) telescopic sum Complexity

Group together Residues with Same Exponent
Fix a p and let R(k) denote the number of residues with exponent k. If k does not divide p-1, R(k)=0. Can you upper bound R(k)? Complexity

Polynomials Have Few Roots
Claim: Any polynomial of degree k that is not identically zero has at most k distinct roots modulo p. Proof: By induction on k. Trivially holds for k=0. Suppose it also holds for some k-1. By way of contradiction, assume x1,...,xk+1 are roots of (x)=akxk+...+a0. ’(x)= (x)-ak1ik(x-xi) is of degree k-1 and not identically zero. x1,...,xk are its roots - Contradiction!  Complexity

How Many Residues Can Share an Exponent?
Conclusion: There are at most k residues of exponent k. Claim: R(k) ≤ (k) Proof: Let s be a residue of exponent k. (1,s,s2,…,sk-1) are k distinct solutions of xk=1 (mod p) (why?) If sl has exponent k, l(k) (otherwise its exponent is lower). Complexity

All p-1 residues have exponents
Summing Up = p-1 p-1 = m|n(m)=n All p-1 residues have exponents Complexity

Summing Up R(k)=(k) for all divisors of p-1 R(p-1) = (p-1) > 0
p has at least one primitive root Complexity

Where Do We Stand? We’ve shown every prime has a primitive root. Hence any prime satisfied both conditions We’ve previously shown any non prime does not satisfy both conditions Complexity

Q.E.D! This finally proves the validity of our alternative characterization of primes, which implies that PRIMES is in NP. Complexity

Place PRIMES PRIMES P NP coNP Complexity

 Summary We’ve studied the complexity class coNP,
and explored the relations between coNP and other classes, such as P and NP. We’ve introduced PRIMES and showed it’s in NPcoNP, though it’s believed not to be in P. Complexity