Download presentation

Published byJake Bradford Modified over 4 years ago

1
**Algebrization: A New Barrier in Complexity Theory**

P=BPP PNP Scott Aaronson (MIT) Avi Wigderson (IAS) NEXPP/poly NPSIZE(n) 4xyw-12yz+17xyzw-2x-2y-2z-2w IP=PSPACE MIP=NEXP NEXPP/polyNEXP=MA RG=EXP 13xw-44xz+x-7y+ -15xyz+43xy-5x PPSIZE(n) PPP/polyPP=MA PromiseMASIZE(n) MAEXPP/poly

2
**What To Call It? SCOTT & AVI A NEW KIND OF ORACLE**

Algebraic Relativization? Algevitization? Algevization? Algebraicization? Algebraization? Algebrization?

3
**Any proof of PNP will have to defeat two terrifying monsters…**

ARITHMETIZATION DIAGONALIZATION Any proof of PNP will have to defeat two terrifying monsters… A Relativization [Baker-Gill-Solovay 1975] Natural Proofs [Razborov-Rudich 1993] PNP Furthermore, even our best weapons seem to work against one monster but not the other…

4
**Vinodchandran’s Proof:**

Yet within the last decade, we’ve seen circuit lower bounds that overcome both barriers [Buhrman-Fortnow-Thierauf 1998]: MAEXP P/poly Furthermore, this separation doesn’t relativize [Vinodchandran 2004]: PP SIZE(nk) for every fixed k [A. 2006]: Vinodchandran’s result is non-relativizing Vinodchandran’s Proof: PP P/poly We’re done PP P/poly P#P = MA [LFKN] P#P = PP 2P PP [Toda] PP SIZE(nk) [Kannan] Non-Relativizing Non-Naturalizing [Santhanam 2007]: PromiseMA SIZE(nk) for fixed k

5
Bottom Line: Relativization and natural proofs, even taken together, are no longer insuperable barriers to circuit lower bounds Obvious Question [Santhanam 2007]: Is there a third barrier? This Talk: Unfortunately, yes. “Algebrization”: A generalization of relativization where the simulating machine gets access not only to an oracle A, but also a low-degree extension Ã of A over a finite field or ring We show: Almost all known techniques in complexity theory algebrize Any proof of PNP—or even P=RP or NEXPP/poly—will require non-algebrizing techniques

6
**Algebrizing Relativizing Naturalizing**

[Your result here] [LFKN], [Shamir], [BFL], [BFT], [Vinodchandran], [Santhanam], [IKW], … [GMW?] Relativizing Naturalizing [Toda], [Impagliazzo-Wigderson], [Valiant-Vazirani], [Kannan], hundreds more [Furst-Saxe-Sipser], [Razborov-Smolensky], [Raz], dozens more

7
**Outline A New Kind of Relativization**

Why Existing Results Algebrize Example: coNPIP The Need for Non-Algebrizing Techniques …to prove PNP …to prove P=RP Connections to Communication Complexity O(N log N) MA-protocol for Inner Product Conclusions and Open Problems

8
**Outline A New Kind of Relativization**

Why Existing Results Algebrize Example: coNPIP The Need for Non-Algebrizing Techniques …to prove PNP …to prove P=RP Connections to Communication Complexity O(N log N) MA-protocol for Inner Product Conclusions and Open Problems

9
**First, the old kind of relativization…**

x1 x2 x3 A x4 An oracle is basically just a Boolean function A that we can insert into a circuit as a “black box” Given a complexity class C, CA is the class of problems solvable by a C machine with oracle access to A The inclusion CD relativizes if CADA for all oracles A CA[poly]: Polynomial-size queries to A only CA[exp]: Exponential-size queries also allowed

10
**To prove an oracle separation between C and D means to construct an A such that CADA.**

In designing A, we get to be arbitrarily devious—toggling each bit independently. Example: Suppose a P machine is looking for an x{0,1}n such that A(x)=1. Then we can wait to see which x’s the machine queries, set A(x)=0 for all of them, and set A(x)=1 for some x that wasn’t queried. This idea (plus diagonalization over all P machines) was used by [Baker-Gill-Solovay] to create an A such that PANPA.

11
**Now for the “new” relativization**

An extension of a Boolean function A:{0,1}n{0,1} is an integer-valued polynomial Ã:ZnZ that agrees with A on all 2n Boolean points. Given a set of Boolean functions A={An} (one for each input size n), we’ll be interested in sets of polynomials Ã={Ãn} with the following properties: (i) Ãn is an extension of An for every n. (ii) deg(Ãn) cn for some constant c. (iii) size(Ãn(x)) p(size(x)) for some polynomial p, where Note: Can also consider extensions over finite fields instead of the integers. Will tell you when this distinction matters.

12
**A complexity class inclusion CD algebrizes if CADÃ for all oracles A and all extensions Ã of A.**

Proving CD requires non-algebrizing techniques if there exist A,Ã such that CADÃ. A separation CD algebrizes if CÃDA for all A,Ã. Proving CD requires non-algebrizing techniques if there exist A,Ã such that CÃDA. Notice we’ve defined things so that every relativizing result is also algebrizing. Why not require CÃDÃ? Because we don’t know how to prove things like PSPACEÃIPÃ!

13
Related Work Low-degree oracles have been studied before for various reasons [Fortnow94] defined a class O of oracles such that IPA=PSPACEA for all AO Since he wanted the same oracle A on both sides, he had to define A recursively (take a low-degree extension, then reinterpret as a Boolean function, then take another low-degree extension, etc.) He didn’t consider algebraic oracle separations (indeed, proving separations in his model seems much harder than in ours)

14
**Outline A New Kind of Relativization**

Why Existing Results Algebrize Example: coNPIP The Need for Non-Algebrizing Techniques …to prove PNP …to prove P=RP Connections to Communication Complexity O(N log N) MA-protocol for Inner Product Conclusions and Open Problems

15
**Why coNPIP Algebrizes**

Recall the usual coNPIP proof of [LFKN]: Bullshit! The only time Arthur ever has to evaluate the polynomial p directly is in the very last round—when he checks that p(r1,…,rn) equals what Merlin said it does, for some r1,…,rn chosen randomly in the previous rounds.

16
** A g x y How was the polynomial p produced?**

By starting from a Boolean circuit, then multiplying together terms that enforce “correct propagation” at each gate: A(x,y)g + (1-A(x,y))(1-g) Ã(x,y)g + (1-Ã(x,y))(1-g) xyg + (1-xy)(1-g) x y g A Arthur and Merlin then reinterpret p not as a Boolean function, but as a polynomial over some larger field. But what if the circuit contained oracle gates? Then how could Arthur evaluate p over the larger field? He’d almost need oracle access to a low-degree extension Ã of A. Hey, wait…

17
**Other Results That Algebrize**

PSPACEA[poly] IPÃ [Shamir] NEXPA[poly] MIPÃ [BFL] EXPA[poly] RGÃ (RG = Refereed Games) [FK] PPÃ PÃ/poly PPA MAÃ [LFKN] NEXPÃ[poly] PÃ/poly NEXPA[poly] MAÃ [IKW] MAEXPÃ[exp] PA/poly [BFT] PPÃ SIZEA(n) [Vinodchandran] PromiseMAÃ SIZEA(n) [Santhanam] OWF secure against PÃ NPA ZKIPÃ [GMW]

18
**Outline A New Kind of Relativization**

Why Existing Results Algebrize Example: coNPIP The Need for Non-Algebrizing Techniques …to prove PNP …to prove P=RP Connections to Communication Complexity O(N log N) MA-protocol for Inner Product Conclusions and Open Problems

19
**Proving PNP Will Require Non-Algebrizing Techniques**

Theorem: There exists an oracle A, and an extension Ã, such that NPÃPA. Proof: Let A be a PSPACE-complete language, and let Ã be the unique multilinear extension of A. Then Ã is also PSPACE-complete [BFL]. Hence NPÃ = PA = PSPACE.

20
**Harder Example: Proving P=RP Will Require Non-Algebrizing Techniques (hence P=NP as well)**

Theorem: There exist A,Ã such that RPAPÃ. What’s the difficulty here, compared to “standard” oracle separation theorems? Since Ã is a low-degree polynomial, we don’t have the freedom to toggle each Ã(x) independently. I.e. the algorithm we’re fighting is no longer looking for a needle in a haystack—it can also look in the haystack’s low-degree extension! We will defeat it anyway.

21
Theorem: Let F be a field, and let YFn be the set of points queried by the algorithm. Then there exists a polynomial p:FnF, of degree at most 2n, such that (i) p(y)=0 for all yY. (ii) p(z)=1 for at least 2n-|Y| Boolean points z. (iii) p(z)=0 for the remaining Boolean points. 1 Y

22
Proof: Given a Boolean point z, let z be the unique multilinear polynomial that’s 1 at z and 0 at all other Boolean points. Then we can express any multilinear polynomial r as A standard diagonalization argument now yields the separation between P and RP we wanted—at least in the case of finite fields. Requiring r(y)=0 for all yY yields |Y| linear equations in 2n unknowns. Hence there exists a solution r such that r(z)0 for at least 2n-|Y| Boolean points z. We now set In the integers case, we can no longer use Gaussian elimination to construct r. However, we (i.e. Avi) found a clever way around this problem using Chinese remaindering and Hensel lifting, provided every query y satisfies size(y)=O(poly(n)).

23
**Other Oracle Results We Can Prove By Building “Designer Polynomials”**

A,Ã : NPA coNPÃ A,Ã : NPA BPPÃ (only for finite fields, not integers) A,Ã : NEXPÃ PA/poly A,Ã : NPÃ SIZEA(n) By contrast, MAEXP P/poly and PromiseMA SIZE(n) algebrize! Since MAEXP and MA are “just above” NEXP and NP respectively (indeed equal to them under derandomization assumptions), we seem to get a precise explanation for why progress on non-relativizing circuit lower bounds stopped where it did.

24
**Outline A New Kind of Relativization**

Why Existing Results Algebrize Example: coNPIP The Need for Non-Algebrizing Techniques …to prove PNP …to prove P=RP Connections to Communication Complexity O(N log N) MA-protocol for Inner Product Conclusions and Open Problems

25
**From Algebraic Query Algorithms to Communication Protocols**

A(000)=1 A(001)=0 A(010)=0 A(011)=1 A(100)=0 A(101)=0 A(110)=1 A(111)=1 A0 A1 Truth table of a Boolean function A Alice and Bob’s Goal: Compute some property of the function A:{0,1}n{0,1}, using minimal communication. Let Ã:FnF be the unique multilinear extension of A over a finite field F. Theorem: If a problem can be solved using T queries to Ã, then it can also be solved using O(Tnlog|F|) bits of communication between Alice and Bob.

26
This argument works just as well in the randomized world, the nondeterministic world, the quantum world… Proof: Given any point yFn, we can write Also works with integer extensions (we didn’t have to use a finite field). The protocol is now as follows: y1 (O(nlog|F|) bits) Ã1(y1) (O(log|F|) bits) Theorem: If a problem can be solved using T queries to Ã, then it can also be solved using O(Tnlog|F|) bits of communication between Alice and Bob. y2 (O(nlog|F|) bits)

27
**Advantage of this approach: Ã is just the multilinear extension of A!**

The Harvest: Separations in Communication Complexity Imply Algebraic Oracle Separations (2n) randomized lower bound for Disjointness [KS 1987] [Razborov 1990] A,Ã : NPA BPPÃ (2n/2) quantum lower bound for Disjointness [Razborov 2002] A,Ã : NPA BQPÃ (2n/2) lower bound on MA-protocols for Disjointness [Klauck 2003] A,Ã : coNPA MAÃ Exponential separation between classical and quantum communication complexities [Raz 1999] A,Ã : BQPA BPPÃ Exponential separation between MA and QMA communication complexities [Raz-Shpilka 2004] A,Ã : QMAA MAÃ Advantage of this approach: Ã is just the multilinear extension of A! Disadvantage: The functions achieving the separations are more contrived (e.g. Disjointness instead of OR).

28
**“Hardest” communication predicate?**

Can also go the other way: use algebrization to get new communication protocols Recall that [Klauck 2003] showed Disjointness requires total communication (N) (where N=2n), even with a Merlin around to prove Alice and Bob’s sets are disjoint. “Obvious” Conjecture: Klauck’s lower bound can be improved to (N). The obvious conjecture is false! We give an MA-protocol for Disjointness (and indeed Inner Product) with total communication cost O(N log N). “Hardest” communication predicate?

29
**O(N log N) MA-protocol for Inner Product**

A:[N][N]{0,1} B:[N][N]{0,1} Claimed value S’ for S rRF Alice and Bob’s Goal: Compute First step: Let F be a finite field with |F|[N,2N]. Extend A and B to degree-(N-1) polynomials Now let If Merlin is honest, then But how to check S’=S? If S’S, then

30
**Outline A New Kind of Relativization**

Why Existing Results Algebrize Example: coNPIP The Need for Non-Algebrizing Techniques …to prove PNP …to prove P=RP Connections to Communication Complexity O(N log N) MA-protocol for Inner Product Conclusions and Open Problems

31
**Conclusions Arithmetization had a great run.**

It led to IP=PSPACE, the PCP Theorem, non-relativizing circuit lower bounds… Yet we showed it’s fundamentally unable to resolve barrier problems like P vs. NP, or even P vs. BPP or NEXP vs. P/poly. Why? It “doesn’t pry open the black-box wide enough.” I.e. it uses a polynomial-size Boolean circuit to produce a low-degree polynomial, which it then evaluates as a black box. It doesn’t exploit the small size of the circuit in any “deeper” way. To reach this conclusion, we introduced a new model of algebraic query complexity, which has independent applications (e.g. to communication complexity) and lots of nooks and crannies to explore in its own right.

32
**Open Problems Develop non-algebrizing techniques!**

Do there exist A,Ã such that coNPA AMÃ? Can we improve PSPACEA[poly] IPÃ to PSPACEÃ[poly] = IPÃ? Is MAEXPÃ[poly] PA/poly? Can our query complexity lower bound for integer extensions be generalized to queries of unbounded size? Do algebraic query complexity lower bounds ever imply communication complexity lower bounds? How far can we generalize our results to arbitrary error-correcting codes (not just low-degree extensions)? Can we construct “pseudorandom low-degree polynomials”?

Similar presentations

Presentation is loading. Please wait....

OK

Quantum Software Copy-Protection Scott Aaronson (MIT) |

Quantum Software Copy-Protection Scott Aaronson (MIT) |

© 2018 SlidePlayer.com Inc.

All rights reserved.

To make this website work, we log user data and share it with processors. To use this website, you must agree to our Privacy Policy, including cookie policy.

Ads by Google