We show that sets consisting of strings of high Kolmogorov complexity provide examples of sets that are complete for several complexity classes under probabilistic and non-uniform reductions. These sets are provably not complete under the usual many-one reductions. Let

In this work we study two, seemingly unrelated, notions. Locally decodable codes (LDCs) are codes that allow the recovery of each message bit from a constant number of entries of the codeword. Polynomial identity testing (PIT) is one of the fundamental problems of algebraic complexity: we are given a circuit computing a multivariate polynomial and we have to determine whether the polynomial is identically zero. We improve known results on LDCs and on polynomial identity testing and show a relation between the two notions. In particular we obtain the following results: (1) We show that if E: F n ↦ → F m is a linear LDC with two queries, then m = exp(Ω(n)). Previously this was known only for fields of size ≪ 2 n [O. Goldreich et al., Comput. Complexity, 15 (2006), pp. 263–296]. (2) We show that from every depth 3 arithmetic circuit (ΣΠΣ circuit), C, with a bounded (constant) top fan-in that computes the zero polynomial, one can construct an LDC. More formally, assume that C is minimal (no subset of the multiplication gates sums to zero) and simple (no linear function appears in all the multiplication gates). Denote by d the degree of the polynomial computed by C and by r the rank of the linear functions appearing in C. Then we can construct a linear LDC with two queries that encodes messages of length r/polylog(d) by codewords of length O(d). (3) We prove a structural theorem for ΣΠΣ circuits, with a bounded top fan-in, that

Abstract — We study ΣΠΣ(k) circuits, i.e., depth three arithmetic circuits with top fanin k. We give the first deterministic polynomial time blackbox identity test for ΣΠΣ(k) circuits over the field Q of rational numbers, thus resolving a question posed by Klivans and Spielman (STOC 2001). Our main technical result is a structural theorem for ΣΠΣ(k) circuits that compute the zero polynomial. In particular we show that if a ΣΠΣ(k) circuit C = ∑ i∈[k] Ai

Abstract. We consider ranking and clustering problems related to the aggregation of inconsistent information. Ailon, Charikar, and Newman [1] proposed randomized constant factor approximation algorithms for these problems. Together with Hegde and Jain, we recently proposed deterministic versions of some of these randomized algorithms [2]. With one exception, these algorithms required the solution of a linear programming relaxation. In this paper, we introduce a purely combinatorial deterministic pivoting algorithm for weighted ranking problems with weights that satisfy the triangle inequality; our analysis is quite simple. We then shown how to use this algorithm to get the first deterministic combinatorial approximation algorithm for the partial rank aggregation problem with performance guarantee better than 2. In addition, we extend our approach to the linear programming based algorithms in Ailon et al. [1] and Ailon [3]. Finally, we show that constrained rank aggregation is not harder than unconstrained rank aggregation.

A large class of problems in symbolic computation can be expressed as the task of computing some polynomials; and arithmetic circuits form the most standard model for studying the complexity of such computations. This algebraic model of computation attracted a large amount of research in the last five decades, partially due to its simplicity and elegance. Being a more structured model than Boolean circuits, one could hope that the fundamental problems of theoretical computer science, such as separating P from NP, will be easier to solve for arithmetic circuits. However, in spite of the appearing simplicity and the vast amount of mathematical tools available, no major breakthrough has been seen. In fact, all the fundamental questions are still open for this model as well. Nevertheless, there has been a lot of progress in the area and beautiful results have been found, some in the last few years. As examples we mention the connection between polynomial identity testing and lower bounds of Kabanets and Impagliazzo, the lower bounds of Raz for multilinear formulas, and two new approaches for proving lower bounds: Geometric Complexity Theory and Elusive Functions. The goal of this monograph is to survey the field of arithmetic circuit complexity, focusing mainly on what we find to be the most interesting and accessible research directions. We aim to cover the main results and techniques, with an emphasis on works from the last two decades. In particular, we

“P versus N P – a gift to mathematics from Computer Science”

These notes informally review the most common methods from computational number theory that have applications in public key cryptology.

It has been known that the graph isomorphism problem is polynomial-time many-one reducible to the ring isomorphism problem. In fact, two different reductions have already been proposed. For those reductions, rings of certain types have been used to represent a given graph. In this paper, we give yet another reduction, which is based on a simpler and more natural construction of a ring from a graph. By the existing reductions, one of the original graph isomorphisms can be found in each ring isomorphism obtained for the reduced ring isomorphism problem instance. On the other hand, in our new reduction, it is not clear how to get a graph isomorphism between two graphs from an obtained ring isomorphism between rings constructed from the graphs. However, we show that we can compute a graph isomorphism from an obtained ring isomorphism in polynomial time. In fact, one ring isomorphism may correspond to many graph isomorphisms in our reduction. Our proof essentially shows a way to obtain all graph isomorphisms corresponding to one ring isomorphism. 1

Abstract. Given a network G = (V, E), we say that a subset of vertices S ⊆ V has radius r if it is spanned by a tree of depth r. We are interested in determining whether G has a cutset that can be written as the union of k sets of radius r. This generalizes the notion of k-vertex connectivity, since in the special case r = 0, a set spanned by a tree of depth r is a single vertex. Our motivation for considering this problem is that it constitutes a simple model for virus-like malicious attacks on G: An attack occurs at a subset of k vertices and begins to spread through the network. Any vertex within distance r of one of the initially attacked vertices can be infected. Thus an attack corresponds to a subset of vertices that is spanned by k trees of depth at most r. The question we focus on is whether a given network has a cutset of this particular form. The main results of this paper are the following. If r = 1, an attack corresponds to a subset of vertices which is the union of at most k stars. We call such a set a galaxy of order k. We show that it is NP-hard to determine whether a given network contains a cutset which is a galaxy of order k, if k is part of the input. This is in stark contrast to the case r = 0, since testing whether a graph is k-vertex connected can be done in polynomial time, using standard maxflow-mincut type results. In contrast, testing whether a graph can be disconnected by a single attack (i.e. k = 1) can be done efficiently. Such an attack corresponds to a set of vertices spanned by a tree of depth r. We present an O(rnm) algorithm that determines if a given network contains such a set as a cutset.

As the both the requirement and demand for secure systems increases, so to will the ubiquitousness of cryptography. The most secure cryptographic schemes often involve complicated algorithms and are by no means cheap to implement on standard hardware, and it is this that has led to the development of cryptographic hardware accelerators. Optimizing software to take advantage of these hardware devices is a problem akin to that of effective parallelization and this project aims to determine how these accelerators perform and under what conditions their use is cost-effective. Through the development of code designed to exercise the particular accelerators existing on the Solaris UltraSPARC T2 via the Solaris Cryptographic Framework (SCF) the system’s performance under a variety of different conditions was assessed. A suggestion for the possible design of a benchmark exclusively for hardware accelerated cryptography is also given. The results indicate that substantial performance gains can be had with