Presentation is loading. Please wait.

Presentation is loading. Please wait.

15-251 Great Theoretical Ideas in Computer Science.

Published byKatherine Malone Modified over 8 years ago

Similar presentations

Presentation on theme: "15-251 Great Theoretical Ideas in Computer Science."— Presentation transcript:

1 15-251 Great Theoretical Ideas in Computer Science

2 Happy Valentine’s Day! What is the optimal method for breaking up an m  n chocolate bar?

3 The CS Valentine’s Day Problem “I have a crush, but I don’t have the guts to figure out if they like me back!”

4 The CS Valentine’s Day Problem “I have a crush, but I don’t have the guts to figure out if they like me back!” One-Time Opportunity: I am willing to serve as a trusted third-party Go to the 251 Website and enter the andrew ID of any 251 person you have a crush on. If they also have a crush on you, you will both know by 6pm

5 Polynomials, Secret Sharing, and Error- Correcting Codes Lecture 9 (February 14, 2006)

6 Remember the first assignment of the class? You had to come together as a class to determine a shared secret Each person obtained a character and a position It took only 1/3 of the class to determine the secret Today we will see how to split a secret into n “shares” and guarantee that the secret can only be determined if k out of n people come together

7 Polynomials P(x) = 3x 2 + 7x – 2 Q(x) = x 123 – 0.5x 25 + 19x 3 – 1 S(z) = z 2 – z - 1 W(x) = π

8 Representing A Polynomial A degree-d polynomial is represented by its (d+1) coefficients The numbers a d, a d-1, …, a 0 are the coefficients P(x) = a d x d + a d-1 x d-1 + … + a 1 x 1 + a 0 E.g. P(x) = 3x 4 – 7x 2 + 12x – 19 Coefficients are: 3, 0, -7, 12, -19

9 What Are The Coefficients? In this lecture, we will work with coefficients from Z p (where p is a prime number) The coefficients could be real numbers, integers, rational numbers, etc Z p = {0, 1, 2, …, p-1}

10 Facts About Polynomials Let P(x), Q(x) be two polynomials The sum P(x)+Q(x) is also a polynomial (i.e., polynomials are “closed under addition”) Their product P(x)Q(x) is also a polynomial (“closed under multiplication”) P(x)/Q(x) is not necessarily a polynomial

11 Multiplying Polynomials (x 2 +2x-1)(3x 3 +7x) =3x 5 + 7x 3 + 6x 4 + 14x 2 – 3x 3 – 7x = 3x 5 + 6x 4 + 4x 3 + 14x 2 – 7x

12 Evaluating A Polynomial Suppose: P(x) = 3x 4 – 7x 2 + 12x – 19 P(5) =3×5 4 – 7×5 2 + 12×5 – 19 3×(-1) 4 – 7×(-1) 2 + 12×(-1) – 19P(-1) = P(0) =- 19

13 The Roots of a Polynomial Suppose: P(x) = a d x d + a d-1 x d-1 + … + a 1 x 1 + a 0 Definition: r is a “root” of P(x) if P(r) = 0 P(x) = 3x + 7root = - (7/3) P(x) = x 2 – 2x + 1root = 1 P(x) = 3x 3 – 10x 2 + 9x – 2roots = 1/3, 1, 2

14 A non-zero degree-d polynomial P(x) has at most d roots The Single Most Important Fact About Low-degree Polynomials

15 A Crucial Implication Assume P(x) and Q(x) have degree at most d Suppose x 1, x 2, …, x d+1 are d+1 points such that P(x k ) = Q(x k ) for all k = 1,2,…,d+1 Then P(x) = Q(x) for all values of x Proof:Define R(x) = P(x) – Q(x) R(x) has degree d R(x) has d+1 roots, so it must be the zero polynomial

16 If you give me pairs (x 1, y 1 ), …, (x d+1, y d+1 ) then there is at most one degree-d polynomial P(x) such that: P(x k ) = y k for all k

17 Hmm: at most one? So perhaps there are no such degree-d polynomials with P(x k ) = y k for all the d+1 values of k

18 Lagrange Interpolation Given (d+1) pairs (x 1, y 1 ), (x 2, y 2 ), …, (x d+1, y d+1 ) then there is EXACTLY ONE degree-d polynomial P(x) such that P(x k ) = y k for all k

19 k-th “Switch” polynomial g k (x) = (x-x 1 )(x-x 2 )…(x-x k-1 )(x-x k+1 )…(x-x d+1 ) Degree of g k (x) is: g k (x) has d roots: (x-x 1 )(x-x 2 )…(x-x k-1 )(x-x k+1 )…(x-x d+1 ) (x k -x 1 )(x k -x 2 )…(x k -x k-1 )(x k -x k+1 )…(x k -x d+1 ) h k (x) = h k (x k ) =1 For all i ≠ k, h k (x i ) = d x 1,…,x k-1,x k+1,…,x d+1 0 Given (d+1) pairs (x 1, y 1 ), (x 2, y 2 ), …, (x d+1, y d+1 )

20 The Lagrange Polynomial P(x) = y 1 h 1 (x) + y 2 h 2 (x) + … + y d+1 h d+1 (x) (x-x 1 )(x-x 2 )…(x-x k-1 )(x-x k+1 )…(x-x d+1 ) (x k -x 1 )(x k -x 2 )…(x k -x k-1 )(x k -x k+1 )…(x k -x d+1 ) h k (x) = Given (d+1) pairs (x 1, y 1 ), (x 2, y 2 ), …, (x d+1, y d+1 ) P(x) is the unique polynomial of degree d such that P(x 1 ) = y 1, P(x 2 ) = y 2, …, P(x d+1 ) = y d+1

21 Example Input: (0,1), (1,2), (2,9) Switch polynomials: h 1 (x) =(x-1)(x-2)/(0-1)(0-2)= ½ (x-1)(x-2) h 2 (x) =(x-0)(x-2)/(1-0)(1-2)= x(x-2)/(-1) h 3 (x) =(x-0)(x-1)/(2-0)(2-1)= ½ x(x-1) P(x) = = 3x 2 – 2x + 1 1 × h 1 (x) + 2 × h 2 (x) + 9 × h 3 (x)

22 To recap: If you give me pairs (x 1, y 1 ), (x 2, y 2 ), …, (x d+1, y d+1 ) then there is exactly one degree-d P(x) such that P(x k ) = y k for all k (And I can find this P(x) using Lagrange interpolation)

23 Two Different Representations P(x) = a d x d + a d-1 x d-1 + … + a 1 x 1 + a 0 can be represented either by 1. d+1 coefficients a d, a d-1, …, a 2, a 1, a 0 2. Its value at any d+1 points P(x 1 ), …, P(x d ), P(x d+1 ) (e.g., P(0), P(1), P(2), …, P(d+1))

24 Converting Between The Two Representations Coefficients to Evaluation: Evaluation to Coefficients: Evaluate P(x) at d+1 points Use Lagrange Interpolation

25 Difference In The Representations Adding two polynomials: P(x) can be represented by: a) d+1 coefficients a d, a d-1, …, a 1, a 0 b) Value at d+1 points P(x 1 ), …, P(x d+1 ) Both representations are equally good, since in both cases the new polynomial can be represented by the sum of the representations

26 Multiplying two polynomials: Representation (a) requires (d+1) 2 multiplications Difference In The Representations P(x) can be represented by: a) d+1 coefficients a d, a d-1, …, a 1, a 0 b) Value at d+1 points P(x 1 ), …, P(x d+1 ) Representation (b) requires finding new points in both polynomials

27 Evaluating the polynomial at some point: Difference In The Representations P(x) can be represented by: a) d+1 coefficients a d, a d-1, …, a 1, a 0 b) Value at d+1 points P(x 1 ), …, P(x d+1 ) Is easy with representation (a) Requires Lagrange interpolation with (b)

28 Now hang on a minute! Why would I ever want to send you a polynomial? The Value-Representation Is Tolerant To “Erasures” I want to send you a polynomial P(x) of degree d Suppose your mailer drops my emails once in a while

29 The Value-Representation Is Tolerant To “Erasures” Say, I wanted to say “hello”. I could write it as “8 5 12 12 15” and hence as 8 x 4 + 5 x 3 + 12 x 2 + 12 x + 15 I want to send you a polynomial P(x) of degree d Suppose your mailer drops my emails once in a while

30 The Value-Representation Is Tolerant To “Erasures” I could evaluate P(x) at n > d+1 points and send ( k, P(k) ) to you for all k = 1, …,d, …,n As long you get at least (d+1) of these, you can reconstruct P(x) I want to send you a polynomial P(x) of degree d Suppose your mailer drops my emails once in a while

31 But Is It Tolerant To “Corruption”? I want to send you a polynomial P(x) of degree d Suppose your mailer corrupts my emails once in a while E.g., suppose P(x) = 2x 2 + 1, and I chose n = 4 So I sent you (0,1), (1, 3), (2, 9), (3,19) Corrupted email says (0,1), (1, 2), (2, 9), (3, 19) You choose (0,1), (1,2), (2,9) and get Q(x) =

32 Error-Detecting Representation The above scheme does detect errors! If we send the value of degree-d polynomial P(x) at n ≥ d+1 different points, ( x 1, P(x 1 ) ), ( x 2, P(x 2 ) ), …, ( x n, P(x n ) ) then we can detect corruptions as long as there are fewer than (n-d) of them Why? If only n-d-1 corruptions, then d+1 correct points!

33 Error Correcting Codes (ECCs) Also Error Correcting Representation As long as fewer than (n-d)/2 corruptions then we can get back the original polynomial P(x)!!! Don’t need to know which ones are corrupted, just that there are < (n-d)/2 corruptions (We won’t go over how to do this)

34 Secret Sharing Missile has random secret number S encoded into its hardware. It will not arm without being given S n officers have memorized a private, individual “share” Any k out of n of them should be able to assemble their shares so as to obtain S Any ≤ k-1 of them should not be able to jointly determine any information about S

35 A k-out-of-n Secret Sharing Scheme Let S be a random “secret” from Z p Want to give shares S 1, S 2, …, S n to the n officers such that: If we have k of the S i ’s, then we can find out S If we have k-1 S i ’s, then any secret is equally likely to have produced this set of S i ’s

36 Our k-out-of-n S.S.S. Let S be a random “secret” from Z p Pick k-1 random coefficients R 1, R 2, …, R k-1 from Z p Let P(x) = R k-1 x k-1 + R k-2 x k-2 + … + R 1 x 1 + S For any j in {1,2,…,n}, officer j’s share S j = P(j) P(0) = where P hits y-axis = S P(x) chosen to be a random degree k-1 polynomial given that P hits the y-axis at S

37 Our k-out-of-n S.S.S. Let S be a random “secret” from Z p Pick k-1 random coefficients R 1, R 2, …, R k-1 from Z p Let P(x) = R k-1 x k-1 + R k-2 x k-2 + … + R 1 x 1 + S For any j in {1,2,…,n}, officer j’s share S j = P(j) If k officers get together, they can figure out P(x) And then evaluate P(0) = S

38 Our k-out-of-n S.S.S. And so each S’ equally likely! If k-1 officers get together, they know P(x) at k-1 different points For each value of S’, we can get a unique polynomial P’ passing through their points, and P’(0) = S’

39 Study Bee Polynomials Degree-d polynomial has at most d roots Lagrange Interpolation Given d+1 pairs (x k, y k ), can find unique polynomial P such that P(x k ) = y k for all these k Applications Error detecting/correcting codes Secret sharing

Download ppt "15-251 Great Theoretical Ideas in Computer Science."

Similar presentations

15-251: Great Theoretical Ideas in Computer Science Error Correction Lecture 17 October 23, 2014.

15-251: Great Theoretical Ideas in Computer Science Error Correction Lecture 17 October 23, 2014.
Section 6.6 Finding Rational Zeros. Rational Zero Theorem Synthetic & Long Division Using Technology to Approximate Zeros Today you will look at finding.

Section 6.6 Finding Rational Zeros. Rational Zero Theorem Synthetic & Long Division Using Technology to Approximate Zeros Today you will look at finding.
1. 2 Overview Review of some basic math Review of some basic math Error correcting codes Error correcting codes Low degree polynomials Low degree polynomials.

1. 2 Overview Review of some basic math Review of some basic math Error correcting codes Error correcting codes Low degree polynomials Low degree polynomials.
Any questions on the Section 5.2 homework?. Please CLOSE YOUR LAPTOPS, and turn off and put away your cell phones, and get out your note- taking materials.

Any questions on the Section 5.2 homework?. Please CLOSE YOUR LAPTOPS, and turn off and put away your cell phones, and get out your note- taking materials.
15-251 Great Theoretical Ideas in Computer Science.

Great Theoretical Ideas in Computer Science.
Creating Polynomials Given the Zeros.. What do we already know about polynomial functions? They are either ODD functions They are either EVEN functions.

Creating Polynomials Given the Zeros.. What do we already know about polynomial functions? They are either ODD functions They are either EVEN functions.
Administrative Oct. 2 Oct. 4 – QUIZ #2 (pages 45-79 of DPV)

Administrative Oct. 2 Oct. 4 – QUIZ #2 (pages of DPV)
Co-operative Private Equality Test(CPET) Ronghua Li and Chuan-Kun Wu (received June 21, 2005; revised and accepted July 4, 2005) International Journal.

Co-operative Private Equality Test(CPET) Ronghua Li and Chuan-Kun Wu (received June 21, 2005; revised and accepted July 4, 2005) International Journal.
Secret Sharing Algorithms

Secret Sharing Algorithms
Chapter 11 Algebraic Coding Theory. Single Error Detection M = (1, 1, …, 1) is the m  1 parity check matrix for single error detection. If c = (0, 1,

Chapter 11 Algebraic Coding Theory. Single Error Detection M = (1, 1, …, 1) is the m  1 parity check matrix for single error detection. If c = (0, 1,
1. 2 Overview Some basic math Error correcting codes Low degree polynomials Introduction to consistent readers and consistency tests H.W.

1. 2 Overview Some basic math Error correcting codes Low degree polynomials Introduction to consistent readers and consistency tests H.W.
CSE 541 - Interpolation Roger Crawfis.

CSE Interpolation Roger Crawfis.
Error Detection and Reliable Transmission EECS 122: Lecture 24 Department of Electrical Engineering and Computer Sciences University of California Berkeley.

Error Detection and Reliable Transmission EECS 122: Lecture 24 Department of Electrical Engineering and Computer Sciences University of California Berkeley.
LIAL HORNSBY SCHNEIDER

LIAL HORNSBY SCHNEIDER
Dividing Polynomials.

Dividing Polynomials.
Warm up Use the Rational Root Theorem to determine the Roots of : x³ – 5x² + 8x – 6 = 0.

Warm up Use the Rational Root Theorem to determine the Roots of : x³ – 5x² + 8x – 6 = 0.
Polynomial Division: Dividing one polynomial by another polynomial to find the zeros of the polynomial. Ex 1: Find the zeros of Solution:1 st way: At.

Polynomial Division: Dividing one polynomial by another polynomial to find the zeros of the polynomial. Ex 1: Find the zeros of Solution:1 st way: At.
1 Preliminaries Precalculus Review I Precalculus Review II

1 Preliminaries Precalculus Review I Precalculus Review II
15-251 Great Theoretical Ideas in Computer Science.

Great Theoretical Ideas in Computer Science.
Prerequisites: Fundamental Concepts of Algebra

Prerequisites: Fundamental Concepts of Algebra

Similar presentations

Ads by Google