Topics in Pseudorandomness
(Fall 2005-2006)
Exercises: (Exercises are not mandatory. They are meant to
give students a chance to practice and make sure that they understand the
lectures).
Some Bibliography:
-
Lecture notes of a course given by David Zuckerman.
-
Lecture notes of a course given by Salil Vadhan.
- A
manuscript on
"pairwise independence and derandomization" by Mike Luby and Avi Wigderson.
- A manuscript on
"derandomizing BPP" which I wrote based on a course by Avi Wigderson.
The following is a list if topics covered in class. Whenever
possible I give a reference to written matirial on the subject. I use the
following method:
- (***) marks a source which presents the subject
essentially in the same way as we did in class.
- (**) marks a source which presents the subject in a way
that is close to the way we did it in class.
- (*) marks a source which covers the subject (but the
presentation may differ than the way we did it in class).
Introduction : (Lecture 1).
(** Vadhan's lectures 1,2)
- Probabilistic algorithms.
- A probabilistic algorithm for max-cut.
- A probabilistic algorithm for
undirected-connectivity.
- The pseudorandomness paradigm for derandomization: (*
Zuckerman's lecture 1).
- The notion of a pseudorandom generator.
- A pseudorandom generator for the MAX-CUT algorithm
based on 2-wise independence.
- A pseudorandom generator for small space algorithms
derandomizes the algorithm for undirected connectivity.
Pair-wise and k-wise independence: (Lecture 2)
(** Some of this subject is covered in Zuckerman's
lecture 5, ** See also a manuscript by Mike Luby and Avi Wigderson. Relevant
chapters are: 2,3,4,5, ** See also Vadhan's lecture 7)
- Definition of k-wise independent hash families.
- Constructions of 2-wise (and k-wise) independent hash
families.
- Corollary: pseudorandom generators against k-wise tests.
- The expected number of collisions of hashing a set: (A
set of size 2^k of n bits strings hashed to m bit strings will have an
expected number of 2^(2k-m) collisions.)
- Application: Dictionaries for 2^k words of length n
with storage 2^2k and O(1) access time.
- Using less storage: The [FKS] hashing scheme.
Averaging samplers: (Lecture 3)
(* A survey on averaging samplers by Oded Goldrecih, ** Vadhan's
lecture 2, * Chapters 7,9 in the manuscript of Luby and Wigderson.)
- Definitions of complexity classes associated with
probabilistic algorithms (BPP,RP, ZPP) and their basic properties:
- RP intersect coRP=ZPP
- RP is in NP
- BPP is in EXP
- Questions: BPP=P? BPP=EXP? P=NP => BPP=P ?
- The notion of an averaging sampler.
- Chernoff's inequality.
- Chebichev's inequality and a sampler based on 2-wise
independence.
- Deterministic amplification (that is using averaging
samplers to do a randomness efficient amplification of success probability)
- Tail-inequalities for k-wise independence and a sampler
based on k-wise independence.
- Applications of hashing and sampling:
- BPP is in Sigma_2 (corollary: P=NP => BPP=P).
- The proof of Goldreich and Zuckerman based on
"strong" averaging samplers. (The notes above give the more standard
proof. Here's the
paper of Goldreich and Zuckerman).
More applications of hashing: (Lecture 4)
(** Lectures 5 in a
course by Oded
Goldreich.)
- Counting problems and the class #P.
- Oracles and oracle classes.
- approximate counting: (additive approximation versus
relative approximation).
- A relative approximation scheme in BPP^NP.
- Tools: for m=k-O(log n) n-wise independent hash
functions h:(n)->(m) have the property that for every set of size 2^k a
random hash function sends essentially the same number of elements to
every bin.
- This also gives another proof that BPP in Sigma_2.
Small sample spaces: (end of lecture 4,
lecture 5 and part of lecture 6) (** Lectures 6,7,8,9
in Zuckerman's notes. Note that this also includes an introduction to
error-correcting codes which is our next topic).
- Families of tests: (k-wise tests, linear tests, poly-size
tests, all tests).
- Main question: how many random bits are needed to get an
eps-pseudorandom generator which output m bits against a family of test.
| Type of tests: |
eps=0 |
general eps |
| k-wise tests |
k log m |
k + log log m + log(1/eps) |
| linear tests |
m |
log m + log(1/eps) |
| poly-size tests |
m |
log m + log(1/eps) (existence only. No known explicit construction.) |
- The notion of eps-bias [NN].
- Thm: If a distrubution on n bits is eps-bias then it is
eps 2^(n/2) close to uniform.
- Corollary: for eps=0 no savings can be made when
fooling linear (and therefore poly-size) test.
- Corollary: If a distribution is eps/2^k bias then it
is eps-pseudorandom for k-wise tests.
- Fourier analysis (proof of theorem).
- A construction of eps-bias with seed 2log (m/eps)
[AGHP].
- Corollary: (k,eps)-wise indepndence with k+log
m+log(1/eps) bit seed.
- Improving the corollary from log m to log log m
- Combinatorial approach based on hashing.
- Algebraic approach: Using a (linear) generator for
k-wise tests with an eps/2^k bias seed.
Error correcting codes: (2nd part of lecture 6
and part of lecture 7). (** Zuckerman's lectures
8,9,10)
- The definition of (n,k,d)_q codes and linear codes:
(distance, rate, and algorithmic problems).
- The Reed-Solomon code.
- The Hadamard code.
- Concatenation of codes.
- A code based on restricting Hadamard to an eps-bias set.
- List-decoding.
- Combinatorial list-decoding of Hadamard.
- Algorithmic (sublinear time) decoding and list-decoding
of Hadamard (The Goldreich-Levin Theorem). (*** See section on "Goldreich-Levin"
in the manuscript that I wrote).
Expander graphs: (lecture 8)
(*** Vadhan's lecture 9)
- Random walks on connected d-regular non-bipartite graphs
converge to the uniform distribution.
- The 2nd eigenvalue governs the rate of convergence.
- Definition of vertex expansion.
- Relations between vertex expansion and 2nd eigenvalue.
- A walk that starts from a random vertex produces a
sequence of vertices that is "pseudorandom".
- Expander Chernoff bound (statement only).
- Special case: the probability that the walk stays in t
steps in a small set goes down exponentially with t.
- The notion of explicit construction of expander graphs.
Derandomizing BPP: (lectures 9,10)
- PRG's that fool size n^{2c} derandomize probabilistic
algorithms that run in time n^c.
- PRG's that fool Turing Machines can be useful if inputs
are "feasibly generated".
- Explicit PRG's imply the existence of a function f in E
that is hard for size 2^{\Omega(l)} circuits.
- The hardness versus randomness paradigm: Construct PRG's
from hardness assumptions.
- A candidate PRG: G(x)=x,f(x)
- Hardness on the worst case versus hardness on average.
- A generator that outputs m bits and (eps/m)-fools size m
prediction test is pseudorandom against size m general tests. (*** see
the relevant chapter in the manuscript that I wrote.)
- The generator G(x1,x2)=x1,x2,f(x1),f(x2) : Proof of
correctness by using nonuniformity.
- (l,u)-designs. (** See chapter on Nisan-Wigderson
generator in the manuscript that I wrote. There are also notes in Vadhan's
notes).
- The Nisan-Wigderson generator. (** See chapter on
Nisan-Wigderson generator in the manuscript that I wrote. There are also
notes in Vadhan's notes).
- The S-Umans generator. (***
powerpoint presentation)