Results 1  10
of
33
On MemoryBound Functions for Fighting Spam
 In Crypto
, 2002
"... In 1992, Dwork and Naor proposed that email messages be accompanied by easytocheck proofs of computational effort in order to discourage junk email, now known as spam. They proposed specific CPUbound functions for this purpose. Burrows suggested that, since memory access speeds vary across ma ..."
Abstract

Cited by 103 (2 self)
 Add to MetaCart
(Show Context)
In 1992, Dwork and Naor proposed that email messages be accompanied by easytocheck proofs of computational effort in order to discourage junk email, now known as spam. They proposed specific CPUbound functions for this purpose. Burrows suggested that, since memory access speeds vary across machines much less than do CPU speeds, memorybound functions may behave more equitably than CPUbound functions; this approach was first explored by Abadi, Burrows, Manasse, and Wobber [8].
Quantum Algorithms for Element Distinctness
 SIAM Journal of Computing
, 2001
"... We present several applications of quantum amplitude amplification to finding claws and collisions in ordered or unordered functions. Our algorithms generalize those of Brassard, Høyer, and Tapp, and imply an O(N 3/4 log N) quantum upper bound for the element distinctness problem in the comparison c ..."
Abstract

Cited by 75 (9 self)
 Add to MetaCart
(Show Context)
We present several applications of quantum amplitude amplification to finding claws and collisions in ordered or unordered functions. Our algorithms generalize those of Brassard, Høyer, and Tapp, and imply an O(N 3/4 log N) quantum upper bound for the element distinctness problem in the comparison complexity model. This contrasts with Θ(N log N) classical complexity. We also prove a lower bound of Ω ( √ N) comparisons for this problem and derive bounds for a number of related problems. 1
Reducing the servers' computation in private information retrieval: Pir with preprocessing
 In CRYPTO 2000
, 2000
"... Abstract. Private information retrieval (PIR) enables a user to retrieve a specific data item from a database, replicated among one or more servers, while hiding from each server the identity of the retrieved item. This problem was suggested by Chor et al. [11], and since then efficient protocols wi ..."
Abstract

Cited by 56 (8 self)
 Add to MetaCart
(Show Context)
Abstract. Private information retrieval (PIR) enables a user to retrieve a specific data item from a database, replicated among one or more servers, while hiding from each server the identity of the retrieved item. This problem was suggested by Chor et al. [11], and since then efficient protocols with sublinear communication were suggested. However, in all these protocols the servers ’ computation for each retrieval is at least linear in the size of entire database, even if the user requires just one bit. In this paper, we study the computational complexity of PIR. We show that in the standard PIR model, where the servers hold only the database, linear computation cannot be avoided. To overcome this problem we propose the model of PIR with preprocessing: Before the execution of the protocol each server may compute and store polynomiallymany information bits regarding the database; later on, this information should enable the servers to answer each query of the user with more efficient computation. We demonstrate that preprocessing can save work. In particular, we construct, for any constant k ≥ 2, a kserver protocol with O(n 1/(2k−1)) communication and O(n / log 2k−2 n) work, and for any constants k ≥ 2 and ɛ> 0 a kserver protocol with O(n 1/k+ɛ) communication and work. We also prove some lower bounds on the work of the servers when they are only allowed to store a small number of extra bits. Finally, we present some alternative approaches to saving computation, by batching queries or by moving most of the computation to an offline stage. 1
TimeSpace Tradeoffs, Multiparty Communication Complexity, and NearestNeighbor Problems
 In 34th Symp. on Theory of Computing (STOC’02
, 2002
"... We extend recent techniques for timespace tradeoff lower bounds using multiparty communication complexity ideas. Using these arguments, for inputs from large domains we prove larger tradeoff lower bounds than previously known for general branching programs, yielding time lower bounds of the form T ..."
Abstract

Cited by 25 (2 self)
 Add to MetaCart
(Show Context)
We extend recent techniques for timespace tradeoff lower bounds using multiparty communication complexity ideas. Using these arguments, for inputs from large domains we prove larger tradeoff lower bounds than previously known for general branching programs, yielding time lower bounds of the form T = n) when space S = n , up from T = n log n) for the best previous results. We also prove the first unrestricted separation of the power of general and oblivious branching programs by proving that 1GAP , which is trivial on general branching programs, has a timespace tradeoff of the form T = (n=S)) on oblivious Finally, using timespace tradeoffs for branching programs, we improve the lower bounds on query time of data structures for nearest neighbor problems in d dimensions from d= log n), proved in the cellprobe model [8, 5], to d) or log d= log log d) or even d log d) (depending on the metric space involved) in slightly less general but more reasonable data structure models.
Amplifying lower bounds by means of selfreducibility
 IN IEEE CONFERENCE ON COMPUTATIONAL COMPLEXITY
, 2008
"... We observe that many important computational problems in NC¹ share a simple selfreducibility property. We then show that, for any problem A having this selfreducibility property, A has polynomial size TC 0 circuits if and only if it has TC⁰ circuits of size n 1+ɛ for every ɛ>0 (counting the num ..."
Abstract

Cited by 20 (6 self)
 Add to MetaCart
We observe that many important computational problems in NC¹ share a simple selfreducibility property. We then show that, for any problem A having this selfreducibility property, A has polynomial size TC 0 circuits if and only if it has TC⁰ circuits of size n 1+ɛ for every ɛ>0 (counting the number of wires in a circuit as the size of the circuit). As an example of what this observation yields, consider the Boolean Formula Evaluation problem (BFE), which is complete for NC¹ and has the selfreducibility property. It follows from a lower bound of Impagliazzo, Paturi, and Saks, that BFE requires depth d TC 0 circuits of size n 1+ɛd. If one were able to improve this lower bound to show that there is some constant ɛ>0 such that every TC 0 circuit family recognizing BFE has size n 1+ɛ, then it would follow that TC⁰ ̸ = NC¹. We show that proving lower bounds of the form n 1+ɛ is not ruled out by the Natural Proof framework of Razborov and Rudich and hence there is currently no known barrier for separating classes such as ACC⁰, TC⁰ and NC¹ via existing “natural ” approaches to proving circuit lower bounds. We also show that problems with small uniform constantdepth circuits have algorithms that simultaneously have small space and time bounds. We then make use of known timespace tradeoff lower bounds to show that SAT requires uniform depth d TC⁰ and AC⁰ [6] circuits of size n 1+c for some constant c depending on d.
TimeSpace Tradeoffs in the Counting Hierarchy
, 2001
"... We extend the lower bound techniques of [14], to the unboundederror probabilistic model. A key step in the argument is a generalization of Nepomnjasci's theorem from the Boolean setting to the arithmetic setting. This generalization is made possible, due to the recent discovery of logspaceuni ..."
Abstract

Cited by 17 (3 self)
 Add to MetaCart
(Show Context)
We extend the lower bound techniques of [14], to the unboundederror probabilistic model. A key step in the argument is a generalization of Nepomnjasci's theorem from the Boolean setting to the arithmetic setting. This generalization is made possible, due to the recent discovery of logspaceuniform TC 0 circuits for iterated multiplication [9]. Here is an
Pebbling and Proofs of Work
, 2005
"... We investigate methods for providing easytocheck proofs of computational effort. Originally intended for discouraging spam, the concept has wide applicability as a method for controlling denial of service attacks. Dwork, Goldberg, and Naor proposed a specific memorybound function for this purpos ..."
Abstract

Cited by 15 (0 self)
 Add to MetaCart
We investigate methods for providing easytocheck proofs of computational effort. Originally intended for discouraging spam, the concept has wide applicability as a method for controlling denial of service attacks. Dwork, Goldberg, and Naor proposed a specific memorybound function for this purpose and proved an asymptotically tight amortized lower bound on the number of memory accesses any polynomial time bounded adversary must make. Their function requires a large random table which, crucially, cannot be compressed. We answer an open question of Dwork et al. by designing a compact representation for the table. The paradox, compressing an incompressible table, is resolved by embedding a time/space tradeoff into the process for constructing the table from its representation.
Quantum timespace tradeoffs for sorting
 Proceedings of 35th ACM STOC
, 2003
"... We investigate the complexity of sorting in the model of sequential quantum circuits. While it is known that a quantum algorithm based on comparisons alone cannot outperform classical sorting algorithms by more than a constant factor in time complexity, this is wrong in a space bounded setting. We o ..."
Abstract

Cited by 8 (2 self)
 Add to MetaCart
(Show Context)
We investigate the complexity of sorting in the model of sequential quantum circuits. While it is known that a quantum algorithm based on comparisons alone cannot outperform classical sorting algorithms by more than a constant factor in time complexity, this is wrong in a space bounded setting. We observe that for all storage bounds S, one can devise a quantum algorithm that sorts n numbers (using comparisons only) in time T = O(n
Parity graphdriven readonce branching programs and an exponential lower bound for integer multiplication
 In Proc. of 2nd TCS
, 2002
"... Abstract Branching programs are a wellestablished computation model for boolean functions, especially readonce branching programs have been studied intensively. Exponential lower bounds for deterministic and nondeterministic readonce branching programs are known for a long time. On the other hand ..."
Abstract

Cited by 8 (4 self)
 Add to MetaCart
(Show Context)
Abstract Branching programs are a wellestablished computation model for boolean functions, especially readonce branching programs have been studied intensively. Exponential lower bounds for deterministic and nondeterministic readonce branching programs are known for a long time. On the other hand, the problem of proving superpolynomial lower bounds for parity readonce branching programs is still open. In this paper restricted parity readonce branching programs are considered and an exponential lower bound on the size of wellstructured parity graphdriven readonce branching programs for integer multiplication is proven. This is the first strongly exponential lower bound on the size of a nonoblivious parity readonce branching program model for an explicitly defined boolean function. In addition, more insight into the structure of integer multiplication is yielded.
Timespace tradeoff lower bounds for integer . . . (Extended Abstract)
, 2003
"... We prove exponential size lower bounds for nondeterministic and randomized readk BPs as well as a timespace tradeoff lower bound for unrestricted, deterministic multiway BPs computing the middle bit of integer multiplication. The lower bound for randomized readk BPs is superpolynomial as long ..."
Abstract

Cited by 8 (2 self)
 Add to MetaCart
We prove exponential size lower bounds for nondeterministic and randomized readk BPs as well as a timespace tradeoff lower bound for unrestricted, deterministic multiway BPs computing the middle bit of integer multiplication. The lower bound for randomized readk BPs is superpolynomial as long as the error probability is superpolynomially small. For polynomially small error, we have a polynomial upper bound on the size of approximating readonce BPs for this function. The lower bounds follow from a more general result for the graphs of universal hash classes that is applicable to the graphs of arithmetic functions such as integer multiplication, convolution, and finite field multiplication.