Threshold Direct Product Theorems a survey Ragesh Jaiswal
![Impagliazzo & Kabanets (2010) �Generalized Chernoff bounds [PS 97]: Let X 1, …, Xk](https://slidetodoc.com/presentation_image/602b575279363a16813893a4013608fa/image-16.jpg "Impagliazzo & Kabanets (2010) �Generalized Chernoff bounds [PS 97]: Let X 1, …, Xk")
- Slides: 23
Threshold Direct Product Theorems: a survey Ragesh Jaiswal Indian Institute of Technology Delhi
Direct Product Theorems �If a problem is hard to solve on the average, then solving k instances of the problem becomes exponentially harder. �If a cryptographic protocol is hard to break by an adversary with bounded computational power, then breaking the direct product version of the protocol is even more difficult.
Threshold Direct Product Theorem �If a problem is hard to solve on the average, then solving more than some threshold fraction of instances from a collection of independently chosen problem instances is exponentially hard. �If there is a gap in the ability of a honest party and an adversary in solving a problem, then this gap can be amplified by asking the user to solve multiple problem instances and accepting if the user solves more than a threshold number of problem instances. �Example: CAPTCHA
Direct Product Theorems �If a function f: {0, 1}n {0, 1}m is (1 - )-hard to compute by bounded size circuits, then the function fk(x 1, …, xk) = f(x 1) | f(x 2) | … | f(xk) is (1 - )-hard to compute by bounded size circuits. �Let X 1, …, Xk be independent boolean random variables such that. , then �Xi = 1 if C’(x 1, …, xk)i = f(xi) and 0 otherwise.
Direct Product Theorems �There is a circuit C’ which computes fk with success probability. Construct a circuit C (using C’) that computes f with success probability at least. �There are tight DP theorems for a number of different contexts. �Circuits computing boolean functions. �Weakly Verifiable Puzzles.
Threshold Direct Product Theorems �For any circuit C define: � �If a function f: {0, 1}n {0, 1}m is (1 - )-hard to compute by bounded size circuits, then for any and any bounded size circuit C, �Let and let X 1, …, Xk be independent boolean random variables such that , then �Xi = 1 if C’(x 1, …, xk)i = f(xi) and 0 otherwise.
Impagliazzo, J. , & Kabanets (2008) �Main Theorem: If there is a puzzle system for which the probability of failure is probability of failing on less than k puzzles, is at most , then the out of
Impagliazzo, J. , & Kabanets (2008) �Trust Reducing Strategy (Trust Halving Strategy [BIN 97, IW 97]) �Main Idea: �Define a tuple x=(x 1, …, xk) to be good if �Suppose there is an oracle that tells whether a given input tuple (x 1, …, xk) is good. �Plant the given puzzle into a puzzle tuple at a random position i. �Check if the puzzle tuple is a good input tuple. If so, output C’(x 1, …, xk)i. � The above circuit does well on an input distribution that can be shown to be statistically close to the
Impagliazzo, J. , & Kabanets (2008) �Trust Reducing Strategy: (Trust Halving Strategy [BIN 97, IW 97]) �Main Idea: �Removing the oracle. �Smoothing: Count the number of incorrectly solved puzzles (say t) at positions other than i, and output an answer only with probability (for some < 1).
Jutla (2009) �Main Theorem: If there is a puzzle system for which the probability of failure is probability of failing on less than k puzzles, is at most , then the out of �This is very close to the chernoff-hoeffding bound when �Idea: is close to 0. �Plant the given input puzzle into a puzzle tuple at a randomly chosen position i. �Count the number of incorrectly solved puzzles (say t) other than the planted puzzle. �If then output the i th puzzle
Jutla (2009) �Idea: �For any fixed the conditional probability of producing the correct answer might be very bad since the solver might be making precisely mistakes on most of the puzzle tuples. �The paper argues that there exists an such that this conditional probability of producing an incorrect answer is small and this can be found by sampling.
Paradigm Shift We already have tight results for DP theorems. Why not try to use them to obtain threshold DP theorems.
Chung & Liu (2009) �Idea: �S: solver for the threshold puzzle. �S’: choose a random subset , simulate S and return the answer of S corresponding to positions in T. �S’ is a DP solver. �Use the tight DP theorem reductions to get a solver for the puzzle system. �Main Theorem: If there is a puzzle system for which the probability of failure is at least the probability of failing on less than of k puzzles is at most some constant c. , then out for
Unger (2010) �Main Theorem: Let X 1, …, Xk be boolean r. v. such that for some Let such that for all be a number such that . Then
Unger (2010) �We may use tight XOR lemmas to obtain tight threshold DP theorems. �Main Issue: �XOR lemmas makes sense for boolean functions. We cannot use the result for more complicated scenarios like puzzle systems. �The result is non-constructive.
Impagliazzo & Kabanets (2010) �Generalized Chernoff bounds [PS 97]: Let X 1, …, Xk be boolean random variables such that for some , we have that, for every subset. Then for any. �Proof (which can be easily generalized to obtain a constructive version): �For some value of (q to be determined later), consider the subset S Binomial(q, k). �Consider the quantity: �We will compute the above quantity in two different ways and compare.
Impagliazzo & Kabanets (2010) �Proof: �We have: P= �Define E to be the event that �Then, �This implies that
Impagliazzo & Kabanets (2010) �Constructive Theorem: There is a randomized algorithm A such that the following holds. Let X 1, …, Xk be boolean r. v. Let such that , for some Then, on input n, , the algorithm A, using oracle access to the distribution X 1, …, Xk runs in time and outputs a subset S such that with high probability,
Impagliazzo & Kabanets (2010) �Constructive Proof: �For any subset S, let �Proof sketch: �Pick a q such that the following holds: � �Algorithm: Sample S from the binomial distribution Binomial(q, n). � Estimate a(S) by sampling (since we can sample X 1, …, Xk). � Output S if , else repeat for O(1/ ) steps. �
Impagliazzo & Kabanets (2010) �Issue with this approach: �The running time of producing the subset S is proportional to �This is fine if and are constants. �What if the gap between and is small (say 1/poly(n))? �Is the result tight? �Yes: There are boolean r. v. X 1, …, Xk and parameters 0 < < < 1 such that , but, for every subset S
Impagliazzo & Kabanets (2010) �Stronger sampling conditions help to reduce the running time, but then the success probabilities are not tight.
Open Questions �Obtaining a tight threshold DP theorem wrt the success probabilities and the running time.
Thank You
Fairy
Dr vishal jaiswal
Utkarsh jaiswal
Dr r k jaiswal
Abcd of acls
Threshold ministry
Apa itu tlv
Threshold limit value
Threshold concepts in geography
Threshold 5
Absolute threshold example
Separation initiation return
Hero's journey crossing the threshold
Crossing the threshold in finding nemo
The crossing of the return threshold
Absolute threshold example
Difference threshold example
Absolute threshold psychology definition
Example of absolute threshold
Absolute threshold example
Absolute threshold psychology definition
Child in need threshold
Runway numbering
Two point threshold test
