a tight lower bound for entropy flattening
play

A Tight Lower Bound for Entropy Flattening Yi-Hsiu Chen 1 os 1 Salil - PowerPoint PPT Presentation

Oct 08, 2023 •157 likes •627 views

A Tight Lower Bound for Entropy Flattening Yi-Hsiu Chen 1 os 1 Salil Vadhan 1 Jiapeng Zhang 2 Mika G o 1 Harvard University, USA 2 UC San Diego, USA June 23, 2018 1 / 18 Agenda 1 Problem Definition / Model 2 Cryptographic Motivations 3

  1. A Tight Lower Bound for Entropy Flattening Yi-Hsiu Chen 1 os 1 Salil Vadhan 1 Jiapeng Zhang 2 Mika G¨ o¨ 1 Harvard University, USA 2 UC San Diego, USA June 23, 2018 1 / 18

  2. Agenda 1 Problem Definition / Model 2 Cryptographic Motivations 3 Proof Techniques 2 / 18

  3. Flatness Definition (Entropies) Let X be a distribution over { 0 , 1 } n . Define the surprise of x to be H X ( x ) = log(1 / Pr [ X = x ]) . H sh ( X ) def = x ∼ X [ H X ( x )] , E H min ( X ) def = min x H X ( x ) , H max ( X ) def = log | Supp X | ≤ max H X ( x ) . x H min ( X ) ≤ H sh ( x ) ≤ H max ( X ) (The gap can be Θ( n ) .) A source X is flat iff H sh ( X ) = H min ( X ) = H max ( X ) . 3 / 18

  4. Entropy Flattening Flattening Algorithm A Input source X Output source Y nearly flat ( H sh ( Y ) ≈ H min ( Y ) ≈ H max ( Y ) ) 4 / 18

  5. Entropy Flattening Flattening Algorithm A Input source X Output source Y nearly flat ( H sh ( Y ) ≈ H min ( Y ) ≈ H max ( Y ) ) Entropies of the output and input sources are monotonically related. 4 / 18

  6. Entropy Flattening Flattening Algorithm A Input source X Output source Y nearly flat ( H sh ( Y ) ≈ H min ( Y ) ≈ H max ( Y ) ) Entropies of the output and input sources are monotonically related. max max min flattening min/max Shannon gap sh � gap max sh min min X L X H Y L Y H 4 / 18

  7. Entropy Flattening Entropy Flattening Problem Find an flattening algorithm A : If H sh ( X ) ≥ τ + 1 , then H ε min ( Y ) ≥ k + ∆ . If H sh ( X ) ≤ τ − 1 , then H ε max ( Y ) ≤ k − ∆ . 5 / 18

  8. Entropy Flattening Entropy Flattening Problem Find an flattening algorithm A : If H sh ( X ) ≥ τ + 1 , then H ε min ( Y ) ≥ k + ∆ . If H sh ( X ) ≤ τ − 1 , then H ε max ( Y ) ≤ k − ∆ . Smooth Entropies min ( Y ) ≥ k if ∃ Y ′ s.t. H min ( Y ) ≥ k and d TV ( Y, Y ′ ) ≤ ε . H ε max ( Y ) ≤ k if ∃ Y ′ s.t. H max ( Y ) ≤ k and d TV ( Y, Y ′ ) ≤ ε . H ε 5 / 18

  9. Solution: Repetition Theorem ([HILL99, HR11]) X : a distribution over { 0 , 1 } n . Let Y = ( X 1 , . . . , X q ) where X i s are i.i.d. copies of X . � � � H ε min ( Y ) , H ε max ( Y ) ∈ H sh ( Y ) ± O n q log(1 /ε ) � � � �� log(1 /ε ) q · H sh ( X ) ± O n q (Asymptotic Equipartition Property (AEP) in information theory) 6 / 18

  10. Solution: Repetition Theorem ([HILL99, HR11]) X : a distribution over { 0 , 1 } n . Let Y = ( X 1 , . . . , X q ) where X i s are i.i.d. copies of X . � � � H ε min ( Y ) , H ε max ( Y ) ∈ H sh ( Y ) ± O n q log(1 /ε ) � � � �� log(1 /ε ) q · H sh ( X ) ± O n q (Asymptotic Equipartition Property (AEP) in information theory) q = O ( n 2 ) is sufficient for the constant entropy gap. q = Ω( n 2 ) is needed due to anti-concentration results. [HR11] 6 / 18

  11. Query Model The Model: Input source : encoded by a function f : { 0 , 1 } n → { 0 , 1 } m and defined as f ( U n ) . Flattening algorithm : oracle algorithm A f : { 0 , 1 } n ′ → { 0 , 1 } m ′ has query access to f . Output source : A f ( U n ′ ) . Example : A f ( r 1 , . . . , r q ) = ( f ( r 1 ) , . . . , f ( r q )) 7 / 18

  12. Query Model The Model: Input source : encoded by a function f : { 0 , 1 } n → { 0 , 1 } m and defined as f ( U n ) . Flattening algorithm : oracle algorithm A f : { 0 , 1 } n ′ → { 0 , 1 } m ′ has query access to f . Output source : A f ( U n ′ ) . Example : A f ( r 1 , . . . , r q ) = ( f ( r 1 ) , . . . , f ( r q )) Def: Flattening Algorithm � ≥ τ + 1 � ≥ k + ∆ � f ( U n ) � A f ( U n ′ ) H ε H sh ⇒ min � ≤ τ − 1 � ≤ k − ∆ � f ( U n ) � A f ( U n ′ ) H ε H sh ⇒ max 7 / 18

  13. Query Model The Model: Input source : encoded by a function f : { 0 , 1 } n → { 0 , 1 } m and defined as f ( U n ) . Flattening algorithm : oracle algorithm A f : { 0 , 1 } n ′ → { 0 , 1 } m ′ has query access to f . Output source : A f ( U n ′ ) . Example : A f ( r 1 , . . . , r q ) = ( f ( r 1 ) , . . . , f ( r q )) Def: Flattening Algorithm � ≥ τ + 1 � ≥ k + ∆ � f ( U n ) � A f ( U n ′ ) H ε H sh ⇒ min � ≤ τ − 1 � ≤ k − ∆ � f ( U n ) � A f ( U n ′ ) H ε H sh ⇒ max More powerful: Querying correlated positions or even in an adaptive way. Computation on the query inputs. e.g., hashing 7 / 18

  14. Main Theorems Theorem Flattening algorithms for n -bit oracles f require Ω( n 2 ) oracle queries. 8 / 18

  15. Main Theorems Theorem Flattening algorithms for n -bit oracles f require Ω( n 2 ) oracle queries. Def: SDU Algorithm � ≥ τ + 1 � A f ( U n ′ ) , U m ′ � < ε . � f ( U n ) H sh ⇒ d TV � ≤ τ − 1 � / 2 m ′ ≤ ε . � f ( U n ) � A f ( U n ′ ) H sh ⇒ Supp Flattening Algorithm ⇐ ⇒ SDU Algorithm (Reduction between two NISZK-complete problems [GSV99]) Theorem SDU algorithms for n -bit oracles f require Ω( n 2 ) oracle queries. 8 / 18

  16. Connection to Cryptographic Constructions Example : OWF f → PRG g f ([HILL90, Hol06, HHR06, HRV10, VZ13]): 1 Create a gap between “pseudoentropy” and (true) entropy. 2 Guess the entropy threshold τ (or other tricks). 3 Flatten entropies. 4 Extract the pseudorandomness (via universal hashing). 9 / 18

  17. Connection to Cryptographic Constructions Example : OWF f → PRG g f ([HILL90, Hol06, HHR06, HRV10, VZ13]): 1 Create a gap between “pseudoentropy” and (true) entropy. 2 Guess the entropy threshold τ (or other tricks). ˜ O ( n ) queries 3 Flatten entropies. ˜ O ( n 2 ) queries 4 Extract the pseudorandomness (via universal hashing). Overall, the best PRG makes ˜ O ( n 3 ) queries to the one-way function [HRV10, VZ13]. From regular one-way function, Step 3 is unnecessary, and so ˜ O ( n ) query is sufficient. [HHR06] 9 / 18

  18. Connection to Cryptographic Constructions Example : OWF f → PRG g f ([HILL90, Hol06, HHR06, HRV10, VZ13]): 1 Create a gap between “pseudoentropy” and (true) entropy. 2 Guess the entropy threshold τ (or other tricks). ˜ O ( n ) queries 3 Flatten entropies. ˜ O ( n 2 ) queries 4 Extract the pseudorandomness (via universal hashing). Overall, the best PRG makes ˜ O ( n 3 ) queries to the one-way function [HRV10, VZ13]. From regular one-way function, Step 3 is unnecessary, and so ˜ O ( n ) query is sufficient. [HHR06] Holenstein and Sinha ([HS12]) prove that any black-box construction requires ˜ Ω( n ) queries. (From Step 2. Applicable to regular OWF) 9 / 18

  19. Connection to Cryptographic Constructions Example : OWF f → PRG g f ([HILL90, Hol06, HHR06, HRV10, VZ13]): 1 Create a gap between “pseudoentropy” and (true) entropy. 2 Guess the entropy threshold τ (or other tricks). ˜ O ( n ) queries 3 Flatten entropies. ˜ O ( n 2 ) queries 4 Extract the pseudorandomness (via universal hashing). Overall, the best PRG makes ˜ O ( n 3 ) queries to the one-way function [HRV10, VZ13]. From regular one-way function, Step 3 is unnecessary, and so ˜ O ( n ) query is sufficient. [HHR06] Holenstein and Sinha ([HS12]) prove that any black-box construction requires ˜ Ω( n ) queries. (From Step 2. Applicable to regular OWF) Can we do better in the entropy flattening step? 9 / 18

  20. Overview of the Proof Def: SDU Algorithm � ≥ τ + 1 � A f ( U n ′ ) , U m ′ � < ε . � f ( U n ) H sh ⇒ d TV � ≤ τ − 1 � / 2 m ′ ≤ ε . � f ( U n ) � A f ( U n ′ ) H sh ⇒ Supp 1 Construct distributions D H and D L : Sample f from D H , then H sh ( f ( U n )) ≥ τ + 1 w.h.p. Sample f from D L , then H sh ( f ( U n )) ≤ τ − 1 w.h.p. 2 A cannot “behave very different” on both distributions by making only q = o ( n 2 ) queries. 10 / 18

  21. Construction of f Partition the domain into s blocks, each with t elements ( s · t = 2 n ) Concentrated: map to the same element. Scattered: map to all distinct elements. 2 3 n/ 4 blocks f � �� � . . . { 0 , 1 } n Sca Sca Con Sca Con Sca � �� � 2 n/ 4 elements ↓ { 0 , 1 } m 11 / 18

  22. Construction of f Partition the domain into s blocks, each with t elements ( s · t = 2 n ) Concentrated: map to the same element. Scattered: map to all distinct elements. 2 3 n/ 4 blocks f � �� � . . . { 0 , 1 } n Sca Sca Con Sca Con Sca � �� � 2 n/ 4 elements ↓ { 0 , 1 } m ≥ s · (1 / 2 + 4 /n ) blocks are scattered ⇒ H sh ( f ) ≥ 7 n/ 8 + 1 ≤ s · (1 / 2 − 4 /n ) blocks are scattered ⇒ H sh ( f ) ≤ 7 n/ 8 − 1 11 / 18

  23. D H and D L 2 3 n/ 4 blocks f � �� � . . . { 0 , 1 } n Sca Sca Con Sca Con Sca � �� � 2 n/ 4 elements ↓ { 0 , 1 } m 1 Randomly partition { 0 , 1 } n into 2 3 n/ 4 blocks. 12 / 18

  24. D H and D L 2 3 n/ 4 blocks f � �� � . . . { 0 , 1 } n Sca Sca Con Sca Con Sca � �� � 2 n/ 4 elements ↓ { 0 , 1 } m 1 Randomly partition { 0 , 1 } n into 2 3 n/ 4 blocks. 2 Decide each block to be scattered or concentrated. D H : scattered with probability (1 / 2 + 5 /n ) , then w.h.p, ≥ s · (1 / 2 + 4 /n ) blocks are scattered D L : scattered with probability (1 / 2 − 5 /n ) , then w.h.p, ≤ s · (1 / 2 − 4 /n ) blocks are scattered 12 / 18

Recommend

Tight Lower Bound for Comparison-Based Quantile Summaries Pavel Vesel y University of Warwick

Tight Lower Bound for Comparison-Based Quantile Summaries Pavel Vesel y University of Warwick

Tight Lower Bound for Comparison-Based Quantile Summaries Pavel Vesel y University of Warwick 8 April 2020 Based on joint work with Graham Cormode (Warwick) Powered by Beamer i k Z Overview of the talk &amp; Quantiles &amp; Distributions

652 views • 52 slides
On the lower bound of the viscosity to entropy denstiy ratio Antal Jakov ac BME Technical

On the lower bound of the viscosity to entropy denstiy ratio Antal Jakov ac BME Technical

Introduction eta/s in field theory Quasiparticle systems Conclusions On the lower bound of the viscosity to entropy denstiy ratio Antal Jakov ac BME Technical University Budapest A. Jakovac and D. Nogradi, arXiv:0810.4181 A. Jakovac,

775 views • 51 slides
Tight lower bound for the Channel Assignment problem Arkadiusz Socaa University of Warsaw

Tight lower bound for the Channel Assignment problem Arkadiusz Socaa University of Warsaw

Tight lower bound for the Channel Assignment problem Arkadiusz Socaa University of Warsaw Arkadiusz Socaa Tight lower bound for the Channel Assignment problem Graph Coloring Recall the Graph Coloring problem. 2 1 3 3 1 2 1 coloring

551 views • 30 slides
A Superpolynomial Lower Bound for Clique Function Circuits with at most 1 6 loglog n Negation

A Superpolynomial Lower Bound for Clique Function Circuits with at most 1 6 loglog n Negation

Main Results Hawks Eye View Extending Montone Lower Bounds to Limited Negations Monotone Lower bound for Clique function using Bottleneck counting Connecting the two worlds Thank You A Superpolynomial Lower Bound for Clique Function

1.03k views • 71 slides
SVMpAUC-tight: A new algorithm for optimizing partial AUC based on a tight convex upper bound

SVMpAUC-tight: A new algorithm for optimizing partial AUC based on a tight convex upper bound

SVMpAUC-tight: A new algorithm for optimizing partial AUC based on a tight convex upper bound Harikrishna Narasimhan and Shivani Agarwal Department of Computer Science and Automation Indian Institute of Science, Bangalore Receiver Operating

1.12k views • 90 slides
CR05, course 2: Pebble Games 2/2 Summary on the (black) pebble game Red-Blue Pebble Game for I/Os

CR05, course 2: Pebble Games 2/2 Summary on the (black) pebble game Red-Blue Pebble Game for I/Os

CR05, course 2: Pebble Games 2/2 Summary on the (black) pebble game Red-Blue Pebble Game for I/Os Hong-Kung Lower Bound Method Tight Lower Bound for Matrix Product Extensions and Performance Bounds 1 / 25 Outline Summary on the (black)

284 views • 25 slides
Sorting Lower Bound Sorting Lower Bound 1 Comparison-Based Sorting (10.4) Many sorting

Sorting Lower Bound Sorting Lower Bound 1 Comparison-Based Sorting (10.4) Many sorting

Sorting Lower Bound Sorting Lower Bound 1 Comparison-Based Sorting (10.4) Many sorting algorithms are comparison based. They sort by making comparisons between pairs of objects Examples: bubble-sort, selection-sort, insertion-sort,

75 views • 5 slides
4. Source Encoding Methods Called also entropy coders , because the methods try to get

4. Source Encoding Methods Called also entropy coders , because the methods try to get

4. Source Encoding Methods Called also entropy coders , because the methods try to get close to the entropy (i.e. lower bound of compression). statistical coders , because the methods assume the probability distribution of the source

1.06k views • 33 slides
Upper and Lower Loop Bound Estimation by Symbolic Execution and Loop Acceleration Pavel Cadek

Upper and Lower Loop Bound Estimation by Symbolic Execution and Loop Acceleration Pavel Cadek

Upper and Lower Loop Bound Estimation by Symbolic Execution and Loop Acceleration Pavel Cadek 1 1 TU Wien, Austria Formal Methods in Computer-Aided Design 30 Oct - 2 Nov, 2018 Loop Bound Analysis Upper loop bound: max { n , 0 } Lower loop

248 views • 5 slides
Techniques to lower bound extension complexity Thomas Rothvoss UW Seattle Known lower bounds on

Techniques to lower bound extension complexity Thomas Rothvoss UW Seattle Known lower bounds on

Techniques to lower bound extension complexity Thomas Rothvoss UW Seattle Known lower bounds on extended formulation Kaibel, Razborovs Inform. SA Weltge symmetry arg. theory + Fourier COR/ yes yes yes ? TSP [KW13]

1.25k views • 108 slides
Entropy, Relative Entropy, Cross Entropy Entropy Entropy, H(x) is a measure of the uncertainty of

Entropy, Relative Entropy, Cross Entropy Entropy Entropy, H(x) is a measure of the uncertainty of

Entropy, Relative Entropy, Cross Entropy Entropy Entropy, H(x) is a measure of the uncertainty of a discrete random variable. Properties: H(x) &gt;= 0 Entropy Entropy Lesser the probability for an event, larger the entropy.

471 views • 21 slides
A Tight Bound on Approximating Arbitrary Metrics by Tree Metrics Jittat Fakcheroenphol Satish

A Tight Bound on Approximating Arbitrary Metrics by Tree Metrics Jittat Fakcheroenphol Satish

A Tight Bound on Approximating Arbitrary Metrics by Tree Metrics Jittat Fakcheroenphol Satish Rao Kunal Talwar STOC 2003, JCSS 2004 Presented by Jian XIA for COMP670P: Topics in Theory: Metric Embeddings and Algorithms Spring 2007, HKUST

325 views • 14 slides
A subexponential lower bound for Zadehs pivoting rule for solving linear programs and games

A subexponential lower bound for Zadehs pivoting rule for solving linear programs and games

A subexponential lower bound for Zadehs pivoting rule for solving linear programs and games Oliver Friedmann Department of Computer Science, Ludwig-Maximilians-Universit at Munich, Germany. Oliver Friedmann (LMU) Zadeh Lower Bound 1

1.72k views • 156 slides
MA Macroeconomics 6. The Zero Lower Bound and the Liquidity Trap Karl Whelan School of

MA Macroeconomics 6. The Zero Lower Bound and the Liquidity Trap Karl Whelan School of

MA Macroeconomics 6. The Zero Lower Bound and the Liquidity Trap Karl Whelan School of Economics, UCD Autumn 2014 Karl Whelan (UCD) The Zero Lower Bound Autumn 2014 1 / 25 Can Interest Rates Be Negative? Up to now, we have assumed that the

493 views • 25 slides
Advanced Macroeconomics 4. The Zero Lower Bound and the Liquidity Trap Karl Whelan School of

Advanced Macroeconomics 4. The Zero Lower Bound and the Liquidity Trap Karl Whelan School of

Advanced Macroeconomics 4. The Zero Lower Bound and the Liquidity Trap Karl Whelan School of Economics, UCD Spring 2020 Karl Whelan (UCD) The Zero Lower Bound Spring 2020 1 / 21 Can Interest Rates Be Negative? Up to now, we have assumed

541 views • 21 slides
Recent progress on a sharp lower bound for first (nonzero) Steklov eigenvalue Chao Xia (Xiamen

Recent progress on a sharp lower bound for first (nonzero) Steklov eigenvalue Chao Xia (Xiamen

Recent progress on a sharp lower bound for first (nonzero) Steklov eigenvalue Chao Xia (Xiamen University) (joint with Changwei Xiong) Asia-Pacific Analysis and PDE Seminar May 11th, 2020 1 / 30 Table of Contents Review of eigenvalue lower

779 views • 32 slides
A Proof of the Covariant Entropy Bound Joint work with H. Casini, Z. Fisher, and J. Maldacena,

A Proof of the Covariant Entropy Bound Joint work with H. Casini, Z. Fisher, and J. Maldacena,

A Proof of the Covariant Entropy Bound Joint work with H. Casini, Z. Fisher, and J. Maldacena, arXiv:1404.5635 and 1406.4545 Raphael Bousso Berkeley Center for Theoretical Physics University of California, Berkeley Strings 2014, Princeton,

580 views • 36 slides
403: Algorithms and Data Structures Lower Bound for Sor&lt;ng &amp; The closest pair in 2D

403: Algorithms and Data Structures Lower Bound for Sor&lt;ng &amp; The closest pair in 2D

403: Algorithms and Data Structures Lower Bound for Sor&lt;ng &amp; The closest pair in 2D Fall 2016 UAlbany Computer Science So far: Sor&lt;ng Algorithm Time Space Inser&amp;on O(n 2 ) in-place Merge O(n logn) 2 nd array to

407 views • 16 slides
Learning and Optimization: Lower Bounds and Tight Connections Nati Srebro TTI-Chicago On The

Learning and Optimization: Lower Bounds and Tight Connections Nati Srebro TTI-Chicago On The

Learning and Optimization: Lower Bounds and Tight Connections Nati Srebro TTI-Chicago On The Universality of Online Mirror Descent S, Karthik Sridharan (UPenn), Ambuj Tewari (Michigan), NIPS11 Learning from an Optimization Viewpoint Karthik

682 views • 25 slides
How Quantum Computing This Lower Bound Is . . . Can Help With (Continuous) How Quantum . . .

How Quantum Computing This Lower Bound Is . . . Can Help With (Continuous) How Quantum . . .

Known Advantages of . . . Need to Consider . . . We Consider Only . . . Non-Quantum Lower . . . How Quantum Computing This Lower Bound Is . . . Can Help With (Continuous) How Quantum . . . Auxiliary Quantum . . . Optimization Main

285 views • 24 slides
Tight Upper and Lower Bounds for Leakage-Resilient Locally Decodable and Updatable Non-Malleable

Tight Upper and Lower Bounds for Leakage-Resilient Locally Decodable and Updatable Non-Malleable

Tight Upper and Lower Bounds for Leakage-Resilient Locally Decodable and Updatable Non-Malleable Codes Dana Dachman-Soled University of Maryland Joint work with: Mukul Kulkarni and Aria Shahverdi, University of Maryland Talk is also based on

572 views • 35 slides
Lecture 8: SOS Lower Bound for 3-XOR Lecture Outline Part I: SOS Lower Bounds from Pseudo-

Lecture 8: SOS Lower Bound for 3-XOR Lecture Outline Part I: SOS Lower Bounds from Pseudo-

Lecture 8: SOS Lower Bound for 3-XOR Lecture Outline Part I: SOS Lower Bounds from Pseudo- expectation Values Part II: Random 3-XOR Equations and Pseudo- expectation Values Part III: Proving PSDness Part IV: Analyzing Parameter

650 views • 37 slides
Permanent V. Determinant: An Exponential Lower Bound Assuming Symmetry J.M. Landsberg and

Permanent V. Determinant: An Exponential Lower Bound Assuming Symmetry J.M. Landsberg and

Permanent V. Determinant: An Exponential Lower Bound Assuming Symmetry J.M. Landsberg and Nicolas Ressayre Texas A&amp;M University and Univ. Lyon I ITCS 2016 1 / 8 Valiants conjecture Theorem (Valiant) Let P be a homogeneous polynomial

220 views • 8 slides
Entropy and The Second Law of Thermodynamics Entropy (S)

Entropy and The Second Law of Thermodynamics Entropy (S)

Entropy and The Second Law of Thermodynamics Entropy (S) Entropy is o8en related to disorder but not strictly correct Entropy is a measure

351 views • 8 slides

More recommend