This thesis presents "cache-oblivious" algorithms that use asymptotically optimal amounts of work, and move data asymptotically optimally among multiple levels of cache. An algorithm is cache oblivious if no program variables dependent on hardware configuration parameters, such as cache size and cache-line length need to be tuned to minimize the number of cache misses. We show that the ordinary algorithms for matrix transposition, matrix multiplication, sorting, and Jacobi-style multipass filtering are not cache optimal. We present algorithms for rectangular matrix transposition, FFT, sorting, and multipass filters, which are asymptotically optimal on computers with multiple levels of caches. For a cache with size Z and cache-line length L, where Z =# (L 2 ), the number of cache misses for an m × n matrix transpose is #(1 + mn=L). The number of cache misses for either an n-point FFT or the sorting of n numbers is #(1 + (n=L)(1 + log Z n)). The cache complexity of computing n ...

Can Grover’s algorithm speed up search of a physical region—for example a 2-D grid of size √ n × √ n? The problem is that √ n time seems to be needed for each query, just to move amplitude across the grid. Here we show that this problem can be surmounted, refuting a claim to the contrary by Benioff. In particular, we show how to search a d-dimensional hypercube in time O ( √ n) for d ≥ 3, or O ( √ nlog 5/2 n) for d = 2. More generally, we introduce a model of quantum query complexity on graphs, motivated by fundamental physical limits on information storage, particularly the holographic principle from black hole thermodynamics. Our results in this model include almost-tight upper and lower bounds for many search tasks; a generalized algorithm that works for any graph with good expansion properties, not just hypercubes; and relationships among several notions of ‘locality’ for unitary matrices acting on graphs. As an application of our results, we give an O (√ n)-qubit communication protocol for the disjointness problem, which improves an upper bound of Høyer and de Wolf and matches a lower bound of Razborov.

Abstract. A popular technique to construct stream ciphers is to use a linear sequence generator with a very large period and good statistical properties and a non-linear filter. There is abundant literature on how to use linear approximations of this non-linear function to attack the cipher, which is known as (fast) correlation attacks. In this paper we explore non-linear approximations, much less well known. We will reduce the cryptanalysis of a stream cipher to solving an overdefined system of multivariate equations. At Eurocrypt 2000, Courtois, Klimov, Patarin and Shamir have introduced the XL algorithm for solving systems of overdefined multivariate quadratic equations over finite fields. The exact complexity of the XL algorithm remains an open problem. and some authors such as T.T.Moh have expressed serious doubts whether it actually works very well. However there is no doubt that such methods work very well for largely overdefined systems (much more equations than variables), and we confirm this by computer simulations. Luckily systems we obtain in cryptanalysis of stream ciphers are precisely very overdefined. In this paper we will show how to break efficiently stream ciphers that are known to be immune to all the previously known attacks. For example, we will be able to break the stream

We present a quantum algorithm that verifies a product of two n×n matrices over any integral domain with bounded error in worst-case time O(n 5/3) and expected time O(n 5/3 / min(w, √ n) 1/3), where w is the number of wrong entries. This improves the previous best algorithm [ABH + 02] that runs in time O(n 7/4). We also present a quantum matrix multiplication algorithm that is efficient when the result has few nonzero entries. 1

An algorithm M is described that solves any well-defined problem p as quickly as the fastest algorithm computing a solution to p, save for a factor of 5 and low-order additive terms. M optimally distributes resources between the execution of provably correct p-solving programs and an enumeration of all proofs, including relevant proofs of program correctness and of time bounds on program runtimes. M avoids Blum's speed-up theorem by ignoring programs without correctness proof. M has broader applicability and can be faster than Levin's universal search, the fastest method for inverting functions save for a large multiplicative constant. An extension of Kolmogorov complexity and two novel natural measures of function complexity are used to show that the most efficient program computing some function f is also among the shortest programs provably computing f.

We describe an O(n³ / log n)

Reproduction in whole or in part is permitted for any purpose of the United States Government. The preparation of this manuscript was supported in part by the Office

Recent work in dynamic graph algorithms has led to efficient algorithms for dynamic undirected graph problems such as connectivity. However, no efficient deterministic algorithms are known for the dynamic versions of fundamental directed graph problems like strong connectivity and transitive closure, as well as some undirected graph problems such as maximum matchings and cuts. We provide some explanation for this lack of success by presenting quadratic lower bounds on the certificate complexity of the seemingly difficult problems, in contrast to the known linear certificate complexity for the problems which have efficient dynamic algorithms. A direct outcome of our lower bounds is the demonstration that a generic technique for designing efficient dynamic graph algorithms, viz., sparsification, will not apply to the difficult problems. More generally, it is our belief that the boundary between tractable and intractable dynamic graph problems can be demarcated in terms of certificate co...

Many questions concerning a zero-dimensional polynomial system can be reduced to linear algebra operations in the quotient algebra A = k[X1,..., Xn]/I, where I is the ideal generated by the input system. Assuming that the multiplicative structure of the algebra A is (partly) known, we address the question of speeding up the linear algebra phase for the computation of minimal polynomials and rational parametrizations in A. We present new formulæ for the rational parametrizations, extending those of Rouillier, and algorithms extending ideas introduced by Shoup in the univariate case. Our approach is based on the A-module structure of the dual space � A. An important feature of our algorithms is that we do not require � A to be free and of rank 1. The complexity of our algorithms for computing the minimal polynomial and the rational parametrizations are O(2 n D 5/2) and O(n2 n D 5/2) respectively, where D is the dimension of A. For fixed n, this is better than algorithms based on linear algebra except when the complexity of the available matrix product has exponent less than 5/2.

We present a randomized algorithm for finding maximum matchings in planar graphs in time O(n ω/2), where ω is the exponent of the best known matrix multiplication algorithm. Since ω < 2.38, this algorithm breaks through the O(n 1.5) barrier for the matching problem. This is the first result of this kind for general planar graphs. We also present an algorithm for generating perfect matchings in planar graphs uniformly at random using O(n ω/2) arithmetic operations. Our algorithms are based on the Gaussian elimination approach to maximum matchings introduced in [1].