Download
1 / 13
130 likes | 245 Vues
This paper explores the potency of randomness in computational algorithms, particularly focusing on the implications of pseudorandom generators (PRGs) for derandomization and typical correctness in various classes of problems, including time-bounded and space-bounded algorithms. The authors, Jeff Kinne, Dieter van Melkebeek, and Ronen Shaltiel, delve into new approaches to prove derandomization results, leveraging weaker hardness assumptions and demonstrating how typical correctness can yield efficient algorithms. The findings potentially bridge gaps between derandomization theory and practical computational applications.
E N D
Pseudorandom Generators andTypically-Correct Derandomization Jeff Kinne, Dieter van MelkebeekUniversity of Wisconsin-Madison Ronen Shaltiel University of Haifa
The Power of Randomness? • Is randomness more powerful for … • Time-Bounded Algs? • Interactive Proofs? • Space-Bounded Algs? • Weaker Derandomization • [IW] “heuristic” • [GW] “typically-correct” BPP P Circuit Testing PRIMES • Does BPP = P? • Yes, if pseudorandom generators • Yes, if E ⊈ SIZE(2εn)[NW, IW, STV, SU, …] • But, circuit lower bounds difficult, • [KI] BPP=P ⇒ circuit lower bounds Random strings AM NP reject accept Graph Non-Iso BPL L UndirectedSTCON Pseudorandom Generators and Typically-Correct Derandomization Kinne, Van Melkebeek, Shaltiel
Typically-Correct Derandomization • More efficient derandomizations? • Weaker (or no) hardness assumptions? • How to leverage ability to make errors? • Randomized Algorithm A(x, r) computing lang L • B typically-correct for L: makes at most δ·2n errors • Our Contributions • New PRG approach • Simpler proofs, new derandomizations • Difficulty of proving typ-correct derand of BPP Pseudorandom Generators and Typically-Correct Derandomization Kinne, Van Melkebeek, Shaltiel
Extract Randomness from Input [GW] • If(1)most r correct for all x and (2) |r| < |x| • B(x) = A(x, x)makes few errors • Make error very small: B(x) = Majy(A(x, E(x,y))) • BPP: ifP hard-on-average for SIZESAT(nd),use PRG tomake alg satisfy Randomized Algorithm A(x, r) computing lang L Deterministic simulation B(x) = A(x, E(x)) Subsequent work: [vMS], [Zim], [Sha] Set of all r ≈ set of all x “perfect” r •x Pseudorandom Generators and Typically-Correct Derandomization Kinne, Van Melkebeek, Shaltiel
Extract Randomness from Input [Sha] • Use PRG to get |r| < |x| • BPP: if P very hard-on-average for SIZE(nd) … • Unconditional results for AC0, streaming algs, … • Assume |r| < |x|, goal: Prx[A(x,E(x)) = L(x)] ≈ Prx,r[A(x,r) = L(x)] ≥1-ρ Randomized Algorithm A(x, r) computing lang L Deterministic simulation B(x) = A(x, E(x)) E is2-Ω(m)-extractor for {x | A(x,r) = L(x)}, fixed “good” r Σ“good”r∊{0,1}m Σr∊{0,1}m Prx[A(x,r) = L(x)] · Prx[E(x) = r | A(x,r) = L(x)] Pseudorandom Generators and Typically-Correct Derandomization Kinne, Van Melkebeek, Shaltiel
Pseudorandom Generator Approach Randomized Algorithm A(x, r) computing lang L Deterministic simulation B(x) = A(x, E(x)) • View (x, r) as single combined input • G a “seed-extending” function, G(x) = x, E(x) • Show: |Prx[A(G(x)) = L(x)] - Prx,r[A(x,r) = L(x)]| ≤ ε • Yes if: G is ε-PRG against tests T(x,r): T(x,r) = 1 iff A(x,r) = L(x) A(G(x)) Goal: Prx[A(x,E(x)) = L(x)] ≈ Prx,r[A(x,r) = L(x)] ≥ 1-ρ A(G(x)) Then B makes≤ ρ+ε errors Pseudorandom Generators and Typically-Correct Derandomization Kinne, Van Melkebeek, Shaltiel
Pseudorandom Generator Approach • Can PRG’s be seed-extending? • Cryptographic – No! • Derandomization – Yes! [NW, STV, SU, …] • Different use of PRG • B only runs G once – very efficient if G is • Compare to [GW], [Sha] (PRG + extractor) • PRG is already enough! Randomized Algorithm A(x, r) computing lang L B(x) = A(G(x)), G a seed-extending PRG Pseudorandom Generators and Typically-Correct Derandomization Kinne, Van Melkebeek, Shaltiel
New Typically-Correct Derand Results • BPP: P is 1/nc-hard for SIZE(nd)⇒ B in poly time andB(x)=L(x) for all but 1/nc fraction of x • Similar conditional results for AM, BPL, … Randomized Algorithm A(x, r) computing lang L B(x) = A(x, NWH(x)) NWH based on hardness of H Weaker than [GW], [Sha] Pseudorandom Generators and Typically-Correct Derandomization Kinne, Van Melkebeek, Shaltiel
New Typically-Correct Derand Results • AC0 with few symmetric gates: A uses o(log2n) symm gates, error ρ≤ 1/3 ⇒ B in AC0[sym] and within ρ+n-Ω(log n) of L • Other settings: multi-party comm, … Randomized Algorithm A(x, r) computing lang L B(x) = A(x, NWH(x))NWH based on hardness of H Pseudorandom Generators and Typically-Correct Derandomization Kinne, Van Melkebeek, Shaltiel
Comparison with [Sha] • ⇒ PRG approach can prove all of [Sha] E is a seedless 2-Ω(|r|)-extractor fordistributions ≈ {x | A(x, r) = L(x)} [Sha] A(x, E(x)) typically-correct for L (x, E(x)) is a 2-Ω(|r|)-PRG for tests T(x,r) = 1 iff A(x,r) = L(x) Pseudorandom Generators and Typically-Correct Derandomization Kinne, Van Melkebeek, Shaltiel
Difficulty of Proving Typ-Cor Derand • [KI]BPP ⊆ NSUBEXP ⇒ NEXP ⊈ P/poly or PERM ∉ Arith-P/poly • Typically-correct derandomization without circuit lower bounds? • No for small error: NSUBEXP computes BPP with ≤ 2nε errors • Large error: cannot do with relativizing techniques or arithmetization [AW] Simpler proof for everywhere-correct setting Pseudorandom Generators and Typically-Correct Derandomization Kinne, Van Melkebeek, Shaltiel
Recap • New seed-extending PRG approach • simpler proofs, weaker hardness conditions • Unconditional results in some settings! • But, for BPP: unconditional results difficult • Typically-Correct Derandomization • Allowed to make small # of errors Pseudorandom Generators and Typically-Correct Derandomization Kinne, Van Melkebeek, Shaltiel
Thanks! * Full paper and annotated slides available from my website Pseudorandom Generators and Typically-Correct Derandomization Kinne, Van Melkebeek, Shaltiel
