Computing with Polynomials over Composites Parikshit Gopalan Algorithms, Combinatorics & Optimization. Georgia Tech.

Computing with Polynomials over Composites

Parikshit GopalanAlgorithms, Combinatorics & Optimization.

Georgia Tech.

Primes and Composites

“The problem of distinguishing prime numbers from composite numbers and of resolving the latter into their prime factors is known to be one of the most important and useful in arithmetic …”

- C.F. GaussDisquisitiones Arithmeticae (1801)

• Primality testing.

• Factoring.

Many other facets to the prime vs. composite problem in computer science …

Complexity Combinatorics

Derandomization

Coding Theory

Polynomials over Primes

Polynomials over Composites

?

?

?

?

Complexity Combinatorics

AlgorithmsCryptography

Polynomials over

Composites

A Problem from Circuit Complexity

Problem: Find a function that cannot be computed by small circuits with AND, OR and Mod-m gates.

For Mod-p gates (p is prime) [Razborov, Smolensky]

With p = 2, the Mod-3 function is hard.

For Mod-m gates (m is composite, say 6)

With m = 6, is the Mod-5 function hard ?

No lower bounds known for any function.

Circuit complexity: Show lower bounds on size of circuits computing a function.

Is Xi = 0 mod m ?

Poly. SizeConst. depth

A Problem about Polynomials

Computing Boolean functions by polynomials:

Def: P(X1,…, Xn) over Zm represents f: {0,1}n ! {0,1}

if f(x) f(y) ) P(x) P(y) mod m.

Problem: What is the degree of OR mod m ?

For p prime: (n).

For m composite (say 6): • Conjecture: (n) [Barrington]

• O(n1/2) upper bound. [Barrington-Beigel-Rudich]

• (log n) lower bound. [Barrington-Tardos]

A Problem about Set Systems

Problem: Let F be a family of subsets Si of [n] where

|Si| = 0 mod m

|Si Å Sj| 0 mod m

How large can F be?

RCW Thm. : For p prime, |F| · O(np-1).

Conjecture : For any m, |F| is at most polynomial. [Frankl]

Thm. : If m = 6, |F| can be superpolynomial. [Grolumsz]

Extremal Set Theory: How large can a set system satisfying certain conditions be?

Polynomials over Composites

Complexity:

• Circuits.

• Boolean function Representations.

Combinatorics:

• Set systems.

• Ramsey graphs.

Algorithms:

• Root-finding.

• Interpolation.

Cryptography:

• RSA.

• Rabin cryptosystem.

Primes versus Composites:

The Prime Case:– Low degree polynomials have few zeroes.– Finite Fields, linear algebra.

The Composite Case:– Proof techniques fail.– Problems behave differently.– Polynomials have (unexpected) structure.

• Primality testing. [Agrawal-Biswas, AKS]

• Complexity. [Barrington et al., Bhatnagar-G.-Lipton, Hansen].

• Combinatorics. [Grolmusz, G.’06].

In This Talk:

Complexity : Computing Boolean functions by polynomials. [Bhatnagar-G.-Lipton]

Combinatorics : Explicit Ramsey graphs. Algorithms : Interpolation over Zm.

Polynomials over Composites.

In This Talk:

Computing Boolean functions by polynomials. Explicit Ramsey graphs. Interpolation over Zm.

Conclusions.

Polynomials over Composites.

In This Talk:

Computing Boolean functions by polynomials. Explicit Ramsey graphs. Interpolation over Zm.

Conclusions.

Polynomials over Composites.

Motivation

Def: P(X1,…, Xn) over Zm represents f: {0,1}n ! {0,1} if

f(x) f(y) ) P(x) P(y) mod m

[Razborov, Smolensky] :• Small circuits ≈ low-degree polynomials.• Prove degree lower bounds.

[Barrington-Beigel-Rudich] :Degree lower bounds over Zm. (Simpler problem?)

Applications to Combinatorics, Computational Learning.

State of the Art

[Barrington-Beigel-Rudich, Grolmusz, Tsai, Barrington-Tardos, Green, Alon-Beigel, …] :

• O(√n) upper bound for OR, AND. [Barrington-Beigel-Rudich]

• Best lower bound is (log n). [Grolmusz, Barrington-Tardos]

[Bhatnagar-G.-Lipton] : Symmetric Polynomials.• Symmetric Polynomials ´ Communication

Protocols.• Number theory, Communication complexity.• Tight bounds for most functions. [Hansen]

Symmetric Polynomials over Zp

f : {0,1}n ! {0,1}, P : {0,1}n ! Zp (both symmetric).

Weight w(x) = no. of 1’s in x. Hence f : {0, …, n} ) {0,1}

P : {0,…, n} ) Zp.

Q: What can we compute with low degree polynomials?

A: Write w in base p as w = w0 + w1p + w2p2 … + wℓpℓ Thm. : Polynomials of degree pt -1 compute all functions P: {0, …, n} ) Zp that depend on w0, …, wt-1 (on w mod pt).

0 1 0 0 0 1 1

Mod-k functions over Z2

1 0 0 0 0 0

0 1 0 0 0 1 1

Mod-2

Mod-3

Mod-4

O(1)

O(1)

(n)

What happens over Z6 ?

Thm. [Bhatnagar-G.-Lipton] :

Symmetric Polynomials are equivalent to Simultaneous Protocols.

Simultaneous Protocols

Simultaneous Protocols

0 0 1 0 2 2

k3

P2(w) Z2 P3(w) Z3

0 1 0 0 0 1 1

k2

f(w)

f : w {0,…,n} → {0,1}w = 35

Cost = max(2k2, 3k3)

Thm. [Bhatnagar-G.-Lipton] :

Symmetric Polynomials are equivalent to Simultaneous Protocols.

Simultaneous Protocols

If m has 3 prime factors, protocols involve 3 players.

P2(X) P3(X)

CRT

0 1 0 0 0 1 1

k2 k3

Deg(P3) ≤ dDeg(P2) ≤ d

Deg(P) ≤ d

3k3 ≤ d 2k2 ≤ d

Representations ) Protocols

P(X)

0 0 1 0 2 2

CRT

A Protocol for OR

0 0 1 0 2 2

k3

P2(w) P3(w)

0 1 0 0 0 1 1

k2

f(w)

OR: f(w) = 0 iff w = 0

w

2k2 > √n 3k3 > √n

If see 0, say 0.

If not, say 1.

If see 0, say 0.

If not, say 1.

Output 0 only if both say 0.Cost of protocol = O(√n)

Tight Bounds for OR [BBR’94]

Proof: Assume referee says 0.

Then w 0 mod 2k2, w 0 mod 3k3.

By the CRT, w 0 mod 2k23k3.

But 2k23k3 > n. Hence w = 0.

Lower Bound: Above protocol is optimal.

Similar bounds for AND.

Bounds for Threshold functions.

Def: Threshold-k functionTk(w) =1 if w ¸ k.

What is the degree of Tk ?

Thm [Bhatnagar-G.-Lipton] :

• Bound of O((nk)1/2) assuming “abc-conjecture”.

• Unconditional for k constant.

Uses results on Diophantine equations.

For 2 · k · n-1,

Degree bounds by symmetric polynomials imply that

some Diophantine equations have no solutions.

Bounds for Threshold-2

Def: Threshold-2 functionT2(w) =1 if w ¸ 2.

Candidate Protocol:• Both players read all but 1 digit.• Output 1 if input is at least 2.

0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0

What is a bad input?

? ?1 1

Bad inputs are solutions to |3k3 - 2k2| = 1.

[BenGerson ~1400] : (9,8) is the only solution.

Protocol is correct for large n.

Previously : Best lower bound: (n1/2).

Thm [Bhatnagar-G.-Lipton] : ((nk)1/2) lower bound for Threshold-k . (n) lower bound for Mod-k if k prime, k >

min(p,q).

Mod-5 has degree (n) over Z6.

Does Mod-2 have degree (n) over Z15?

[Hansen] : Yes, but not over Z21 !

Lower Bounds from Communication Complexity

Can asymmetry help compute a symmetric function?

In This Talk:

Computing Boolean functions by polynomials. Explicit Ramsey graphs. Interpolation over Zm.

Conclusions.

Polynomials over Composites.

In This Talk:

Computing Boolean functions by polynomials. Explicit Ramsey graphs. Interpolation over Zm.

Conclusions.

Polynomials over Composites.

Explicit Ramsey Graph Constructions

[Erdös] : There exists a graph G on 2n vertices with (G), (G) · 2n.

Proof via the Probabilistic Method.$100 for explicit construction.

[Ramsey] : Every graph on 2n vertices has either an independent set or a clique of size n/2.

Easy to construct G on 2n vertices with (G), (G) · 2n/2.

A Brief History of Explicit Constructions

[Nagy] : (G), (G) · 2n/3.

[Frankl-Wilson] : Gives (G), (G) · 2√n.

[Grolmusz] : Using set system mod 6.• Better polynomials ) better graphs.

[Alon] : Similar to Frankl-Wilson.

[G.] : Unified view of Frankl-Wilson, Grolmusz, Alon.

[Barak-Rao-Shaltiel-Wigderson] : (G), (G) · 2n.

A Unified View [G.]

New view of an OR representation:• Two polynomials.

• Union of their zero sets is {0,1}n \ {0}.

Simple construction based on OR polynomials. Unifies Frankl-Wilson, Grolmusz, Alon. All based on O(√n) symmetric OR polynomials. Extends to multi-color Ramsey graphs.

P = 0 Q = 0

A Unified View [G.]

New view of an OR representation:• Two polynomials.

• Union of their zero sets is {0,1}n \ {0}. • Degree of representation = max(deg(P), deg(Q)).

Both polynomials mod p. P mod p, Q mod q. Both polynomials mod pa.

(n)O(√n) [BBR, Alon]O(√n) [FW]

All constructions use symmetric polynomials.

The Ramsey Graph Construction

Ramsey Construction: Vertices: {0,1}n.Edges: Add edge (x,y) if P(x © y) = 0.

Thm: Degree d OR representation gives (G), (G) · nd.

Consider a clique: x1, …, xk

We have: P(xi © xj) = 0.

Claim : Polynomials P(X © x1), …, P(X © xk) are LI.Dimension of vector space O(nd). Hence k · nd.Plug in X = x1:

P(0,…,0) 0, P(x1 © x2) = 0, …, P(x1 © xk) = 0.

Symmetry is the Barrier

P mod p, Q mod q. [BBR, Alon]Gives a representation of OR over Zpq.

Known lower bound: √(n/pq).When n < pq [Alon] …

Xi represents OR mod pq.

Both polynomials mod pa. [FW] Based on interpolation algorithm mod pa.

Theorem [G.] :

(√n) lower bound for symmetric polynomials.

High-Level Idea

1. Algebraic Step: Characterize zero-sets of low-degree polynomials.

2. Combinatorial Step: Show that there is no good partition of the hypercube.

Symmetry:

Multivariate polynomials ! Univariate polynomials

{0,1}n ! {0, …, n}.

Symmetry is the Barrier

Symmetry versus asymmetry question also applies to Ramsey graph constructions.

Symmetric polynomials give graphs on {0,1}n based on distances.

Q : Are graphs on {0,1}n based on distances not good Ramsey graphs?

In This Talk:

Computing Boolean functions by polynomials. Explicit Ramsey graphs. Interpolation over Zm.

Conclusions.

Polynomials over Composites.

In This Talk:

Computing Boolean functions by polynomials. Explicit Ramsey graphs. Interpolation over Zm.

Conclusions.

Polynomials over Composites.

Polynomial Interpolation mod m

• Low degree polynomials mod m have many roots.

Eg: X6 = 0 mod 64 (0,2,4 …, 62)

How many evaluations are needed to interpolate P(X) over Zm?• Values at various points are dependent over Zm.

Eg: Let x, y Z64

If x y mod 2 then P(x) P(y) mod 2

What is the min. degree of a polynomial which vanishes on Zm ?

Polynomial Interpolation mod m

Problem: Given a set Iµ Zm, compute P(X) from its evaluations at points in I.

Minimize degree, query complexity.

Previous Work: [Bshouty-Tamon-Wilson, Karpinski-van der Poorten-Shparlinski , …]

Restrictions on m, degree, coefficients ...

Polynomial Interpolation mod m

Problem: Given a set Iµ Zm, compute P(X) from its evaluations at points in I.

Thm. [G.’05] : Interpolation algorithm over Zm: Minimizes degree. Minimizing queries: NP-complete. Algorithm within factor log m of optimal.

Algorithm gives m = h1 h2 … ht (hi, hj) = 1Approximation factor bounded by t.

Cor. : PAC-learning, Uniform learning, Zero-testing.

Interpolation over Prime Powers

60 3 mod 9

0 1 2 mod 3

0 9 1 2 11 14

|P(x) – P(y)| ≤ |x – y|

Let m = 27.

I

Ultrametric:

d(x,z) ≤ max(d(x,y), d(y,z))

Prime Powers and Ultrametric Spaces

Ultrametric:

d(x,z) ≤ max(d(x,y), d(y,z))

Prime Powers and Ultrametric Spaces

Algebraic properties of polynomials )

Combinatorial properties of Ultrametric spaces.

Find k points that are farthest apart.

Greedy algorithm works for ultrametrics.

Ultrametrics form a Greedoid.

In This Talk:

Computing Boolean functions by polynomials. Explicit Ramsey graphs. Interpolation over Zm.

Conclusions.

Polynomials over Composites.

In This Talk:

Computing Boolean functions by polynomials. Explicit Ramsey graphs. Interpolation over Zm.

Conclusions.

Polynomials over Composites.

Lower bounds for Circuits with Mod gates. Better (simpler?) explicit Ramsey graphs.

Future Directions

Polynomial representations over Zm. Set systems with restricted intersections

mod m.

Tractable Open Problems.

Main Open Problems.

Future Directions

Do low degree OR polynomials exist?• Symmetric polynomials for Symmetric functions. • CRT. Hard explicit construction problem ?

Algebraic step: Characterize zero-sets of low-degree multivariate polynomials over Zp.

Symmetry versus Asymmetry.

Better Lower Bounds.