Notes on Complexity Theory
Last updated: November, 2011
Lecture 25
Jonathan Katz

1 Time-Bounded Derandomization

Randomization provides unconditional benefits in many settings; examples include cryptography (where random keys are used to provide protection against an adversary) and distributed computing (where randomness can be used as a means to break symmetry between parties). Randomness also appears to help in algorithm design. But is it possible that, from a complexity-theoretic perspective, randomness does not help? E.g., might it be the case that every problem that can be solved in randomized polynomial time can also be solved in deterministic polynomial time? (That is, is $P = BPP$?) Historically, guided by progress in designing efficient randomized algorithms, most researchers believed that randomness does help. Research over the past 25 years on (time bounded) derandomization has now led many to change their views; the consensus nowadays is that randomization does not help.[1]

One natural approach to derandomize algorithms is to use a pseudorandom generator (PRG) that expands a small, truly random input into a larger, random-looking output. In the next section we define PRGs and then describe their application to derandomization. The remainder of these notes will focus on constructing a PRG based on a (plausible) complexity assumption.

2 Pseudorandom Generators

A pseudorandom generator $G$ is a deterministic algorithm that expands a short input (often called a "seed") into a larger output. The output of $G$ should "look random"; formally, $G(s)$ (for $s$ chosen uniformly) should be indistinguishable from a uniform string of length $|G(s)|$. We give a formal definition next. (A word on notation: When we write $G : \{0,1\}^{\ell(t)} \to \{0,1\}^t$ we mean that for every integer $t$ and every $s \in \{0,1\}^{\ell(t)}$, we have $|G(s)| = t$.)

Definition 1 A function $G : \{0,1\}^{\ell(t)} \to \{0,1\}^t$ is a (complexity-theoretic) pseudorandom generator if $G$ can be computed in exponential time (i.e., $G(s)$ can be computed in time $2^{O(|s|)}$) and if for all sufficiently large $t$ the following holds: for any distinguisher (i.e., circuit) $C$ of size at most $t$,

$$\left| \Pr_{r \leftarrow \{0,1\}^t}[C(r) = 1] - \Pr_{s \leftarrow \{0,1\}^{\ell(t)}}[C(G(s)) = 1] \right| < 1/t.$$

It is worth pointing out several differences between the above definition and that of cryptographic pseudorandom generators. (Those who have not seen cryptographic PRGs can skip to the next section.) The primary difference is with respect to the running time of the PRG vs. the running time...

[1] Note that even if randomness "does not help" from a complexity-theoretic standpoint, it may still be the case that it helps from an algorithmic standpoint. Namely, even if $P = BPP$ there may exist problems whose solution requires, say, deterministic quadratic time but randomized linear time.
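The quantity bounded in Definition 1 can be computed exactly at toy sizes by enumerating every seed and every output string. The sketch below is an added example, not part of the lecture notes; the generator `g_parity`, the three distinguishers and the sizes ℓ = 4, t = 5 are constructed for illustration, and Python functions stand in for circuits without modelling circuit size.

```python
from fractions import Fraction
from itertools import product

def bitstrings(n):
    """All n-bit strings as tuples of 0/1."""
    return product((0, 1), repeat=n)

def advantage(G, seed_len, out_len, C):
    """Exact |Pr_r[C(r)=1] - Pr_s[C(G(s))=1]| from Definition 1, by enumeration."""
    p_uniform = Fraction(sum(C(r) for r in bitstrings(out_len)), 2 ** out_len)
    p_prg = Fraction(sum(C(G(s)) for s in bitstrings(seed_len)), 2 ** seed_len)
    return abs(p_uniform - p_prg)

def fools(G, seed_len, out_len, C):
    """True if C's advantage is below the 1/t bound of Definition 1."""
    return advantage(G, seed_len, out_len, C) < Fraction(1, out_len)

def g_parity(s):
    """Toy generator (constructed): append the seed's parity, so t = l + 1."""
    return s + (sum(s) % 2,)

def c_first_bit(r):
    """Outputs the first bit; it sees nothing of the structure g_parity adds."""
    return r[0]

def c_parity(r):
    """Outputs 1 iff the whole string has even parity."""
    return int(sum(r) % 2 == 0)

def image_test(G, seed_len):
    """Distinguisher that accepts exactly the strings G can output.
    In general it is a table of 2^l entries, far beyond a size-t circuit."""
    image = {G(s) for s in bitstrings(seed_len)}
    return lambda r: int(r in image)

SEED_LEN, OUT_LEN = 4, 5  # assumed toy sizes: l = 4, t = 5
DISTINGUISHERS = {
    "first bit": c_first_bit,
    "parity": c_parity,
    "image membership": image_test(g_parity, SEED_LEN),
}

def report():
    """Advantage of each distinguisher against g_parity."""
    return {name: advantage(g_parity, SEED_LEN, OUT_LEN, C)
            for name, C in DISTINGUISHERS.items()}

if __name__ == "__main__":
    for name, adv in report().items():
        print(f"{name}: advantage {adv}, bound 1/t = {Fraction(1, OUT_LEN)}")
```

Fooling one distinguisher (the first-bit test) says nothing about the others: the definition quantifies over every circuit of size at most t, and the parity test alone already exceeds the 1/t bound for this toy generator.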
This note was uploaded on 01/13/2012 for the course CMSC 652 taught by Professor Staff during the Fall '08 term at Maryland.