Lattices Computational complexity Complexity of cyclic lattices Well-rounded cyclic lattices Computational complexity of lattice problems and cyclic lattices Lenny Fukshansky Claremont McKenna College Undergraduate Summer Research Program ICERM - Brown University July 28, 2014
Lattices Computational complexity Complexity of cyclic lattices Well-rounded cyclic lattices Euclidean lattices A lattice in Euclidean space R n is a nonzero discrete subgroup. If Λ ⊂ R n is a lattice, then there exist R -linearly independent vectors a 1 , . . . , a k ∈ Λ , 1 ≤ k ≤ n , called a basis for Λ, such that � k � � = A Z k , Λ = m i a i : m i ∈ Z i =1 where A = ( a 1 . . . a k ) is the corresponding n × k basis matrix . Then k is called the rank of Λ, and k = n if and only if the quotient group R n / Λ is compact.
Lattices Computational complexity Complexity of cyclic lattices Well-rounded cyclic lattices Examples of lattices in the plane Square lattice Hexagonal lattice � 1 � � 1 1 / 2 � 0 √ Z 2 Z 2 0 1 0 3 / 2
Lattices Computational complexity Complexity of cyclic lattices Well-rounded cyclic lattices Determinant of a lattice Determinant or covolume of a lattice Λ = A Z k ⊂ R n is � det( A t A ) . This is equal to the volume of the compact quotient V / Λ, where V = span R Λ is a k -dimensional subspace of R n .
Lattices Computational complexity Complexity of cyclic lattices Well-rounded cyclic lattices Example of a fundamental domain Hexagonal lattice fundamental domain
Lattices Computational complexity Complexity of cyclic lattices Well-rounded cyclic lattices Example of a fundamental domain � 1 1 / 2 � √ Volume = det 0 3 / 2
Lattices Computational complexity Complexity of cyclic lattices Well-rounded cyclic lattices Successive minima Let B n be a unit ball centered at the origin in R n . If Λ ⊂ R n is a lattice of rank k , then its successive minima 0 < λ 1 ≤ λ 2 ≤ · · · ≤ λ k are real numbers such that λ i B n ∩ Λ contains at least i linearly independent vectors for each 1 ≤ i ≤ k – we call these the vectors corresponding to successive minima . They are not necessarily unique, but there are finitely many of them.
Lattices Computational complexity Complexity of cyclic lattices Well-rounded cyclic lattices Important remark Vectors corresponding to successive minima do not necessarily form a basis for the lattice. For instance, the 5-dimensional lattice 1 0 0 0 1 / 2 0 1 0 0 1 / 2 Z 5 Λ = 0 0 1 0 1 / 2 0 0 0 1 1 / 2 0 0 0 0 1 / 2 contains the standard basis vectors e 1 , . . . , e 5 , and hence λ 1 = · · · = λ 5 = 1 , however these vectors do not span Λ over Z .
Lattices Computational complexity Complexity of cyclic lattices Well-rounded cyclic lattices Lattice problems This is a class of algorithmic optimization problems on lattices. We will consider two famous examples.
Lattices Computational complexity Complexity of cyclic lattices Well-rounded cyclic lattices Lattice problems This is a class of algorithmic optimization problems on lattices. We will consider two famous examples. Definition 1 (Shortest Vector Problem – SVP) Input: An n × n basis matrix A for a lattice Λ = A Z n ⊂ R n . Output: A shortest nonzero vector in Λ, i.e. x ∈ Λ such that � x � = min {� y � : y ∈ Λ \ { 0 }} , where � � is Euclidean norm.
Lattices Computational complexity Complexity of cyclic lattices Well-rounded cyclic lattices Lattice problems This is a class of algorithmic optimization problems on lattices. We will consider two famous examples. Definition 1 (Shortest Vector Problem – SVP) Input: An n × n basis matrix A for a lattice Λ = A Z n ⊂ R n . Output: A shortest nonzero vector in Λ, i.e. x ∈ Λ such that � x � = min {� y � : y ∈ Λ \ { 0 }} , where � � is Euclidean norm. Remark 1 This is precisely a vector corresponding to λ 1 , the first successive minimum.
Lattices Computational complexity Complexity of cyclic lattices Well-rounded cyclic lattices Lattice problems Definition 2 (Shortest Independent Vector Problem – SIVP) Input: An n × n basis matrix A for a lattice Λ = A Z n ⊂ R n . Output: A collection of n shortest linearly independent vectors in Λ, i.e. linearly independent x 1 , . . . , x n ∈ Λ such that � x i � = λ i .
Lattices Computational complexity Complexity of cyclic lattices Well-rounded cyclic lattices Lattice problems Definition 2 (Shortest Independent Vector Problem – SIVP) Input: An n × n basis matrix A for a lattice Λ = A Z n ⊂ R n . Output: A collection of n shortest linearly independent vectors in Λ, i.e. linearly independent x 1 , . . . , x n ∈ Λ such that � x i � = λ i . Clearly SIVP should generally be harder than SVP.
Lattices Computational complexity Complexity of cyclic lattices Well-rounded cyclic lattices Lattice problems Definition 2 (Shortest Independent Vector Problem – SIVP) Input: An n × n basis matrix A for a lattice Λ = A Z n ⊂ R n . Output: A collection of n shortest linearly independent vectors in Λ, i.e. linearly independent x 1 , . . . , x n ∈ Λ such that � x i � = λ i . Clearly SIVP should generally be harder than SVP. Question 1 How much harder?
Lattices Computational complexity Complexity of cyclic lattices Well-rounded cyclic lattices Lattice problems Definition 2 (Shortest Independent Vector Problem – SIVP) Input: An n × n basis matrix A for a lattice Λ = A Z n ⊂ R n . Output: A collection of n shortest linearly independent vectors in Λ, i.e. linearly independent x 1 , . . . , x n ∈ Λ such that � x i � = λ i . Clearly SIVP should generally be harder than SVP. Question 1 How much harder? To answer this question, we need to explain how we measure “hardness”.
Lattices Computational complexity Complexity of cyclic lattices Well-rounded cyclic lattices Turing machine Device with a head and an infinite tape going through it: Elementary operations: read 1 cell, write 1 cell, move tape left 1 cell, move tape right 1 cell.
Lattices Computational complexity Complexity of cyclic lattices Well-rounded cyclic lattices Example: a modern computer
Lattices Computational complexity Complexity of cyclic lattices Well-rounded cyclic lattices Complexity classes: P and NP Given an algorithmic problem, we can measure the size of its input in number of bits of memory it takes to store it.
Lattices Computational complexity Complexity of cyclic lattices Well-rounded cyclic lattices Complexity classes: P and NP Given an algorithmic problem, we can measure the size of its input in number of bits of memory it takes to store it. Definition 3 A problem is called polynomial if the number of elementary operations required to solve it on a Turing machine is polynomial in the size of the input. If this is the case, we say that the problem can be solved in polynomial time . The class of all such problems is denoted by P .
Lattices Computational complexity Complexity of cyclic lattices Well-rounded cyclic lattices Complexity classes: P and NP Given an algorithmic problem, we can measure the size of its input in number of bits of memory it takes to store it. Definition 3 A problem is called polynomial if the number of elementary operations required to solve it on a Turing machine is polynomial in the size of the input. If this is the case, we say that the problem can be solved in polynomial time . The class of all such problems is denoted by P . Definition 4 A problem is called non-deterministic polynomial if the number of elementary operations required to verify a potential answer for it on a Turing machine is polynomial in the size of the input. If this is the case, we say that the problem can be verified in polynomial time . The class of all such problems is denoted by NP .
Lattices Computational complexity Complexity of cyclic lattices Well-rounded cyclic lattices More complexity: NP -hard and NP -complete It is clear that every problem which can be solved in polynomial time, can be verified in polynomial time, and so P ⊆ NP .
Lattices Computational complexity Complexity of cyclic lattices Well-rounded cyclic lattices More complexity: NP -hard and NP -complete It is clear that every problem which can be solved in polynomial time, can be verified in polynomial time, and so P ⊆ NP . Definition 5 Informally speaking, a problem is called NP-hard if it is at least as hard as the hardest problem in NP . An NP -hard problem does not need to be in NP .
Lattices Computational complexity Complexity of cyclic lattices Well-rounded cyclic lattices More complexity: NP -hard and NP -complete It is clear that every problem which can be solved in polynomial time, can be verified in polynomial time, and so P ⊆ NP . Definition 5 Informally speaking, a problem is called NP-hard if it is at least as hard as the hardest problem in NP . An NP -hard problem does not need to be in NP . Definition 6 A problem is called NP-complete if it is in NP and is NP -hard.
Lattices Computational complexity Complexity of cyclic lattices Well-rounded cyclic lattices P vs NP : a million dollar problem One of the seven Clay Millenium Prize Problems is the question whether P = NP ? The problem was first posed in 1971 independently by Stephen Cook and Leonid Levin.
Recommend
More recommend