Advanced Algorithms Polynomial Identity Testing (PIT) two - PowerPoint PPT Presentation

Advanced Algorithms 南京大学 尹一通

Polynomial Identity Testing (PIT) two polynomials f, g ∈ F [ x ] of degree d Input : Output : f ≡ g ? d X a i x i for of degree d : f ( x ) = a i ∈ F f ∈ F [ x ] i =0 a polynomial Input : of degree d f ∈ F [ x ] Output : f ≡ 0? f is given as black-box

a polynomial Input : of degree d f ∈ F [ x ] Output : f ≡ 0? simple deterministic algorithm: check whether f ( x )=0 for all x ∈ { 1 , 2 , . . . , d + 1 } Fundamental Theorem of Algebra: A degree d polynomial has at most d roots. pick a uniform random r ; ∈ S S ⊆ F check whether f ( r ) = 0 ;

pick a uniform random r ; ∈ S check whether f ( r ) = 0 ; S ⊆ F | S | = 2 d if f �� 0 d = 1 Pr[ f ( r ) = 0] ≤ | S | 2 Fundamental Theorem of Algebra: A degree d polynomial has at most d roots.

Checking Identity 北京 database 1 Are they identical? 南京 database 2

Communication Complexity (Yao 1979) f ( a, b ) # of bits communicated a b Han Meimei Li Lei EQ : { 0 , 1 } n × { 0 , 1 } n → { 0 , 1 } Theorem (Yao, 1979) � 1 a = b EQ( a, b ) = There is no deterministic communication protocol 0 a ̸ = b solving EQ with less than n bits in the worst-case.

Communication Complexity n − 1 n − 1 f ( r )= g ( r ) ? � X b i x i a i x i f = g = i =0 i =0 r , g ( r ) ∈ { 0 , 1 } n a b ∈ { 0 , 1 } n Han Meimei Li Lei pick uniform by PIT: random r ∈ [2 n ] one-sided error ≤ 1 2 # of bit communicated: too large!

Communication Complexity n − 1 n − 1 f ( r )= g ( r ) ? � X b i x i a i x i f = g = i =0 i =0 r , g ( r ) ∈ { 0 , 1 } n a b ∈ { 0 , 1 } n O(log n ) bits Han Meimei Li Lei pick uniform random r ∈ [ p ] k = � log 2 (2 n ) � choose a prime let p ∈ [2 k , 2 k +1 ] f, g ∈ Z p [ x ]

Polynomial Identity Testing (PIT) Input : of degree d f, g ∈ F [ x 1 , x 2 , . . . , x n ] Output : f ≡ g ? F [ x 1 , x 2 , . . . , x n ] : ring of n -variate polynomials over field F f ∈ F [ x 1 , x 2 , . . . , x n ] : X a i 1 ,i 2 ,...,i n x i 1 1 x i 2 2 · · · x i n f ( x 1 , x 2 , . . . , x n ) = n i 1 ,i 2 ,...,i n ≥ 0 with degree of f : maximum i 1 + i 2 + · · · + i n a i 1 ,i 2 ,...,i n 6 = 0

Input : of degree d f, g ∈ F [ x 1 , x 2 , . . . , x n ] Output : f ≡ g ? equivalently: Input : of degree d f ∈ F [ x 1 , x 2 , . . . , x n ] Output : f ≡ 0? X a i 1 ,i 2 ,...,i n x i 1 1 x i 2 2 · · · x i n f ( x 1 , x 2 , . . . , x n ) = n i 1 ,i 2 ,...,in ≥ 0 i 1+ i 2+ ··· + in ≤ d

Input : of degree d f, g ∈ F [ x 1 , x 2 , . . . , x n ] Output : f ≡ g ? equivalently: Input : of degree d f ∈ F [ x 1 , x 2 , . . . , x n ] Output : f ≡ 0? f is given as block-box: given any ~ x = ( x 1 , x 2 , . . . , x n ) returns f ( ~ x ) e.g. or as product form: Vandermonde determinant x n − 1 x 2   1 x 1 . . . 1 1 x n − 1 x 2 1 x 2 . . . Y f ( ~ x ) = det( M ) = ( x i − x j )   2 2 M =   . . . . ... . . . .   . . . .   j<i x 2 x n − 1 1 x n . . . n n

PIT: Polynomial Identity Testing Input : of degree d f ∈ F [ x 1 , x 2 , . . . , x n ] Output : f ≡ 0? f is given as block-box or product form if ∃ a poly-time deterministic algorithm for PIT: either: NEXP ≠ P/poly or: #P ≠ FP

Input : of degree d f ∈ F [ x 1 , x 2 , . . . , x n ] Output : f ≡ 0? fix an arbitrary S ⊆ F pick random r 1 , r 2 , ... , r n ∈ S ; uniformly and independently at random; check whether f ( r 1 , r 2 , ... , r n ) = 0 ; f ( r 1 , r 2 , . . . , r n ) = 0 f ≡ 0 Schwartz-Zippel Theorem Pr[ f ( r 1 , r 2 , . . . , r n ) = 0] ≤ d f 6⌘ 0 | S | # of roots for any f ≢ 0 in any cube S n is ≤ d · | S | n -1

Schwartz-Zippel Theorem Pr[ f ( r 1 , r 2 , . . . , r n ) = 0] ≤ d f 6⌘ 0 | S | X a i 1 ,i 2 ,...,i n x i 1 1 x i 2 2 · · · x i n f ( x 1 , x 2 , . . . , x n ) = n i 1 ,i 2 ,...,in ≥ 0 i 1+ i 2+ ··· + in ≤ d f can be treated as a single-variate polynomial of x n : d X x i f ( x 1 , x 2 , . . . , x n ) = n f i ( x 1 , x 2 , . . . , x n − 1 ) i =0 = g x 1 ,x 2 ,...,x n − 1 ( x n ) Pr[ f ( r 1 , r 2 , . . . , r n ) = 0] = Pr[ g r 1 ,r 2 ,...,r n − 1 ( r n ) = 0] done? g r 1 ,r 2 ,...,r n − 1 6⌘ 0?

Schwartz-Zippel Theorem Pr[ f ( r 1 , r 2 , . . . , r n ) = 0] ≤ d f 6⌘ 0 | S | induction on n : basis: single-variate case, proved by n =1 the fundamental Theorem of algebra I.H.: Schwartz-Zippel Thm is true for all smaller n

Schwartz-Zippel Theorem Pr[ f ( r 1 , r 2 , . . . , r n ) = 0] ≤ d f 6⌘ 0 | S | induction step: f k 6⌘ 0 n k : highest power of x n in f degree of f k ≤ d − k k X x i f ( x 1 , x 2 , . . . , x n ) = n f i ( x 1 , x 2 , . . . , x n − 1 ) i =0 n f k ( x 1 , x 2 , . . . , x n − 1 ) + ¯ = x k f ( x 1 , x 2 , . . . , x n ) k − 1 ¯ X x i where f ( x 1 , x 2 , . . . , x n ) = n f i ( x 1 , x 2 , . . . , x n − 1 ) i =0 highest power of x n in ¯ f < k

Schwartz-Zippel Theorem Pr[ f ( r 1 , r 2 , . . . , r n ) = 0] ≤ d f 6⌘ 0 | S | n f k ( x 1 , x 2 , . . . , x n − 1 ) + ¯ = x k f ( x 1 , x 2 , . . . , x n ) f ( x 1 , x 2 , . . . , x n ) f k 6⌘ 0 n highest power of x n in ¯ f < k degree of f k ≤ d − k law of total probability: ≤ d − k I.H. Pr[ f ( r 1 , r 2 , . . . , r n ) = 0] | S | = Pr[ f ( ~ r ) = 0 | f k ( r 1 , . . . , r n − 1 ) = 0] · Pr[ f k ( r 1 , . . . , r n − 1 ) = 0] + Pr[ f ( ~ r ) = 0 | f k ( r 1 , . . . , r n − 1 ) 6 = 0] · Pr[ f k ( r 1 , . . . , r n − 1 ) 6 = 0] ≤ k = Pr[ g r 1 ,...,r n − 1 ( r n ) = 0 | f k ( r 1 , . . . , r n − 1 ) 6 = 0] | S | where g x 1 ,...,x n − 1 ( x n ) = f ( x 1 , . . . , x n )

Schwartz-Zippel Theorem Pr[ f ( r 1 , r 2 , . . . , r n ) = 0] ≤ d f 6⌘ 0 | S | Pr[ f ( r 1 , r 2 , . . . , r n ) = 0] ≤ d − k + k = d | S | | S | | S |

Input : of degree d f ∈ F [ x 1 , x 2 , . . . , x n ] Output : f ≡ 0? fix an arbitrary S ⊆ F pick random r 1 , r 2 , ... , r n ∈ S ; uniformly and independently at random; check whether f ( r 1 , r 2 , ... , r n ) = 0 ; f ( r 1 , r 2 , . . . , r n ) = 0 f ≡ 0 Schwartz-Zippel Theorem Pr[ f ( r 1 , r 2 , . . . , r n ) = 0] ≤ d f 6⌘ 0 | S | # of roots for any f ≢ 0 in any cube S n is ≤ d · | S | n -1

Fingerprinting X = Y ? FING( X ) = FING( Y ) ? • FING( ) is a function: X = Y ⇒ FING( X ) = FING( Y ) • if X ≠ Y , Pr [ FING( X ) = FING( Y ) ] is small. • Fingerprints are easy to compute and compare.

Polynomial Identity Testing (PIT) Input : of degree d f ∈ F [ x 1 , x 2 , . . . , x n ] Output : f ≡ 0? fix an arbitrary S ⊆ F pick random r 1 , r 2 , ... , r n ∈ S ; uniformly and independently at random; check whether f ( r 1 , r 2 , ... , r n ) = 0 ; polynomial f : FING( f ) = f ( r 1 , r 2 , ... , r n ) for uniform&independent r 1 , ... , r n ∈ S

Communication Complexity a = b ? a b EQ : { 0 , 1 } n × { 0 , 1 } n → { 0 , 1 } � 1 a = b EQ( a, b ) = 0 a ̸ = b

Fingerprinting FING( a ) = FING( b )? pick a random FING() description of FING() a b FING( b ) • FING( ) is a function: a = b ⇒ FING( a ) = FING( b ) • if a ≠ b , Pr [ FING( a ) = FING( b ) ] is small. • Fingerprints are easy to compute and compare.

n − 1 n − 1 f ( r )= g ( r ) ? � X b i x i a i x i f = g = i =0 i =0 r , g ( r ) ∈ { 0 , 1 } n a b ∈ { 0 , 1 } n pick uniform random r ∈ [2 n ] f, g ∈ Z p [ x ] prime for p ∈ [2 k , 2 k +1 ] k = � log 2 (2 n ) � FING( b ) = Σ i b i r i for random r

uniform random a ≡ b (mod p )? prime p ∈ [ k ] p a ∈ [2 n ] b ∈ [2 n ] b mod p FING( x ) = x mod p for uniform random prime p ∈ [ k ] communication complexity: O(log k ) a ≡ b (mod p ) if a = b if a ≠ b : Pr[ a ≡ b (mod p )] ≤ ? for a z = | a - b | ≠ 0 : Pr[ z mod p =0] ≤ ?

uniform random prime p ∈ [ k ] for a z = | a - b | ≠ 0 : Pr[ z mod p =0] ≤ ? ∈ [2 n ] } # of prime divisors of z ≤ n each prime divisor ≥ 2 # of prime divisors of z ≤ n Pr[ z mod p = 0] = # of primes in [ k ] = π ( k ) π ( N ) : # of primes in [ N ] Prime Number Theorem (PNT) N as N ⟶ ∞ π ( N ) ∼ ln N

uniform random a ≡ b (mod p )? prime p ∈ [ k ] p a ∈ [2 n ] b ∈ [2 n ] b mod p for a z = | a - b | ≠ 0 : Pr[ z mod p =0] ≤ ? # of prime divisors of z ≤ n Pr[ z mod p = 0] = # of primes in [ k ] = π ( k ) ≤ n ln k = 2ln n choose k = n 2 k n

uniform random a ≡ b (mod p )? prime p ∈ [ n 2 ] p a ∈ [2 n ] b ∈ [2 n ] b mod p FING( b ) = b mod p for uniform random prime p ∈ [ n 2 ] communication complexity: O(log n ) a ≡ b (mod p ) if a = b if a ≠ b Pr[ a ≡ b (mod p )] ≤ (2 ln n ) / n

Checking Distinctness n numbers x 1 , x 2 , ..., x n ∈ {1, 2, ..., n } Input : Determine whether every number appears exactly once. A = { x 1 , x 2 , ..., x n } B = {1, 2, ..., n } Input : two multisets A ={ a 1 , a 2 , ..., a n } and B ={ b 1 , b 2 , ..., b n } where a 1 , ..., a n , b 1 , ..., b n ∈ {1, 2, ..., n } Output : A = B ? (as multisets) ∀ x : # of times x appearing in A A = B = # of times x appearing in B