coNP and Function Problems

(1)

coNP and Function Problems

(2)

coNP

• By deﬁnition, coNP is the class of problems whose complement is in NP.

– L ∈ coNP if and only if ¯L ∈ NP.

• NP problems have succinct certiﬁcates.^a

• coNP is therefore the class of problems that have succinct disqualifications:^b

– A “no” instance possesses a short proof of its being a

“no” instance.

– Only “no” instances have such proofs.

aRecall Proposition 41 (p. 331).

bTo be proved in Proposition 54 (p. 459).

(3)

coNP (continued)

• Suppose L is a coNP problem.

• There exists a nondeterministic polynomial-time algorithm M such that:

– If x ∈ L, then M(x) = “yes” for all computation paths.

– If x ∈ L, then M(x) = “no” for some computation path.

• If we swap “yes” and “no” in M, the new algorithm decides ¯L ∈ NP in the classic sense (p. 108).

(4)

\HV [ ∉ /

\HV QR

\HV [ ∈ /

\HV

(5)

coNP (continued)

• So there are 3 major approaches to proving L ∈ coNP.

1. Prove ¯L ∈ NP.

– Especially when you already knew ¯L ∈ NP.

2. Prove that only “no” instances possess short proofs (for their not being in L).^a

3. Write an algorithm for it directly.

aRecall Proposition 41 (p. 331).

(6)

coNP (concluded)

• Clearly P ⊆ coNP.

• It is not known if

P = NP ∩ coNP.

– Contrast this with

R = RE ∩ coRE (see p. 156).

(7)

Some coNP Problems

• sat complement ∈ coNP.

– sat complement is the complement of sat.

– Or, the disqualiﬁcation is a truth assignment that satisfies it.

• hamiltonian path complement ∈ coNP.

– hamiltonian path complement is the complement of hamiltonian path.

– Or, the disqualiﬁcation is a Hamiltonian path.

(8)

Some coNP Problems (concluded)

• validity ∈ coNP.

– If φ is not valid, it can be disqualiﬁed very succinctly:

a truth assignment that does not satisfy it.

• optimal tsp (d) ∈ coNP.

– optimal tsp (d) asks if the optimal tour has a total distance of B, where B is an input.^a

– The disqualiﬁcation is a tour with a length ≥ B plus a tour with a length < B.

aDeﬁned by Mr. Che-Wei Chang (R95922093) on September 27, 2006.

(9)

A Nondeterministic Algorithm for sat complement (See also p. 119)

φ is a boolean formula with n variables.

1: for i = 1, 2, . . . , n do

2: Guess x_i ∈ { 0, 1 }; {Nondeterministic choice.}

3: end for

4: {Veriﬁcation:}

5: if φ(x₁, x₂, . . . , x_n) = 1 then

6: “no”;

7: else

8: “yes”;

9: end if

(10)

Analysis

• The algorithm decides language { φ : φ is unsatisﬁable }.

– The computation tree is a complete binary tree of depth n.

– Every computation path corresponds to a particular truth assignment out of 2ⁿ.

– φ is unsatisﬁable if and only if every truth assignment falsiﬁes φ.

– But every truth assignment falsiﬁes φ if and only if every computation path results in “yes.”

(11)

An Alternative Characterization of coNP

Proposition 54 Let L ⊆ Σ^∗ be a language. Then L ∈ coNP if and only if there is a polynomially decidable and

polynomially balanced relation R such that L = { x : ∀y (x, y) ∈ R }.

(As on p. 330, we assume | y | ≤ | x |^k for some k.)

• ¯L = { x : ∃y (x, y) ∈ ¬R }.

• Because ¬R remains polynomially balanced, ¯L ∈ NP by Proposition 41 (p. 331).

• Hence L ∈ coNP by deﬁnition.

(12)

coNP-Completeness

Proposition 55 L is NP-complete if and only if its complement ¯L = Σ^∗ − L is coNP-complete.

Proof (⇒; the ⇐ part is symmetric)

• Let L be any coNP language.

• Hence L ∈ NP.

• Let R be the reduction from L to L.

• So x ∈ L if and only if R(x) ∈ L.

• By the law of transposition, x ∈ L if and only if R(x) ∈ L.

(13)

coNP Completeness (concluded)

• So x ∈ L if and only if R(x) ∈ ¯L.

• The same R is a reduction from L to ¯L.

• This shows ¯L is coNP-hard.

• But ¯L ∈ coNP.

• This shows ¯L is coNP-complete.

(14)

Some coNP-Complete Problems

• sat complement is coNP-complete.

• hamiltonian path complement is coNP-complete.

• validity is coNP-complete.

– φ is valid if and only if ¬φ is not satisﬁable.

– φ ∈ validity if and only if ¬φ ∈ sat complement.

– The reduction from sat complement to validity is hence easy: R(φ) = ¬φ.

(15)

Possible Relations between P, NP, coNP

1. P = NP = coNP.

2. NP = coNP but P = NP.

3. NP = coNP and P = NP.

• This is the current “consensus.”^a

aCarl Gauss (1777–1855), “I could easily lay down a multitude of such propositions, which one could neither prove nor dispose of.”

(16)

The Primality Problem

• An integer p is prime if p > 1 and all positive numbers other than 1 and p itself cannot divide it.

• primes asks if an integer N is a prime number.

• Dividing N by 2, 3, . . . ,√

N is not eﬃcient.

– The length of N is only log N , but √

N = 2^{0.5 log N}. – It is an exponential-time algorithm.

• A polynomial-time algorithm for primes was not found until 2002 by Agrawal, Kayal, and Saxena!

• The running time is ˜O(log^7.5 N ).

(17)

1: _{if n = a}^b for some a, b > 1 then

2: return “composite”;

3: _{end if}

4: for r = 2, 3, . . . , n − 1 do

5: if gcd(n, r) > 1 then

7: _{end if}

8: if r is a prime then

9: Let q be the largest prime factor of r − 1;

10: _{if q ≥ 4}^√r log n and n^(r−1)/q = 1 mod r then

11: break; {Exit the for-loop.}

12: _{end if} 13: _{end if}

14: end for{r − 1 has a prime factor q ≥ 4√

r log n.}

15: for a = 1, 2, . . . , 2√

r log n do

16: _{if (x − a)}ⁿ _{= (x}ⁿ − a) mod (x^r − 1) in Zn[ x ] then

18: _{end if} 19: _{end for}

(18)

The Primality Problem (concluded)

• Later, we will focus on eﬃcient “randomized” algorithms for primes (used in Mathematica, e.g.).

• NP ∩ coNP is the class of problems that have succinct certiﬁcates and succinct disqualiﬁcations.

– Each “yes” instance has a succinct certiﬁcate.

– Each “no” instance has a succinct disqualiﬁcation.

– No instances have both.

• We will see that primes ∈ NP ∩ coNP.

– In fact, primes ∈ P as mentioned earlier.

(19)

Basic Modular Arithmetics

^a

• Let m, n ∈ Z⁺.

• m | n means m divides n; m is n’s divisor.

• We call the numbers 0, 1, . . . , n − 1 the residue modulo n.

• The greatest common divisor of m and n is denoted gcd(m, n).

• The r in Theorem 56 (p. 469) is a primitive root of p.

aCarl Friedrich Gauss.

(20)

Basic Modular Arithmetics (concluded)

• We use

a ≡ b mod n if n| (a − b).

– So 25 ≡ 38 mod 13.

• We use

a = b mod n

if b is the remainder of a divided by n.

– So 25 = 12 mod 13.

(21)

Primitive Roots in Finite Fields

Theorem 56 (Lucas & Lehmer, 1927) ^a A number p > 1 is a prime if and only if there is a number 1 < r < p such that

1. r^p−1 = 1 mod p, and

2. r^(p−1)/q = 1 mod p for all prime divisors q of p − 1.

• This r is called the primitive root or generator.

• We will prove one direction of the theorem later.^b

aFran¸cois Edouard Anatole Lucas (1842–1891); Derrick Henry Lehmer (1905–1991).

bSee pp. 480ﬀ.

(22)

Derrick Lehmer

^a

(1905–1991)

aInventor of the linear congruential generator in 1951.

(23)

Pratt’s Theorem

Theorem 57 (Pratt, 1975) primes ∈ NP ∩ coNP.

• primes ∈ coNP because a succinct disqualiﬁcation is a proper divisor.

– A proper divisor of a number means it is not a prime.

• Now suppose p is a prime.

• p’s certiﬁcate includes the r in Theorem 56 (p. 469).

– There may be multiple choices for r.

(24)

The Proof (continued)

• Use recursive doubling to check if r^p−1 = 1 mod p in time polynomial in the length of the input, log₂ p.

– r, r², r⁴, . . . mod p, a total of ∼ log₂ p steps.

• We also need all prime divisors of p − 1: q1, q₂, . . . , q_k. – Whether r, q₁, . . . , q_k are easy to ﬁnd is irrelevant.

• Checking r^(p−1)/qⁱ = 1 mod p is also easy.

• Checking q1, q₂, . . . , q_k are all the divisors of p− 1 is easy.

(25)

The Proof (concluded)

• We still need certiﬁcates for the primality of the q_i’s.

• The complete certiﬁcate is recursive and tree-like:

C(p) = (r; q₁, C(q₁), q₂, C(q₂), . . . , q_k, C(q_k)). (5)

• We next prove that C(p) is succinct.

• As a result, C(p) can be checked in polynomial time.

(26)

A Certificate for 23

^a

• Note that 5 is a primitive root modulo 23 and 23 − 1 = 22 = 2 × 11.^b

• So

C(23) = (5; 2, C(2), 11, C(11)).

• Note that 2 is a primitive root modulo 11 and 11 − 1 = 10 = 2 × 5.

• So

C(11) = (2; 2, C(2), 5, C(5)).

aThanks to a lively discussion on April 24, 2008.

bOther primitive roots are 7, 10, 11, 14, 15, 17, 19, 20, 21.

(27)

A Certificate for 23 (concluded)

• Note that 2 is a primitive root modulo 5 and 5 − 1 = 4 = 2².

• So

C(5) = (2; 2, C(2)).

• In summary,

C(23) = (5; 2, C(2), 11, (2; 2, C(2), 5, (2; 2, C(2)))).

– In Mathematica, PrimeQCertificate[23] yields { 23, 5, { 2, { 11, 2, { 2, { 5, 2, { 2 }}}}}}

(28)

The Succinctness of the Certificate

Lemma 58 The length of C(p) is at most quadratic at 5 log²₂ p.

• This claim holds when p = 2 or p = 3.

• In general, p − 1 has k ≤ log₂ p prime divisors q₁ = 2, q₂, . . . , q_k.

– Reason:

2^k ≤

k i=1

q_i ≤ p − 1.

• Note also that, as q1 = 2,

k i=2

q_i ≤ p − 1

2 . (6)

(29)

The Proof (continued)

• C(p) requires:

– 2 parentheses;

– 2k < 2 log₂ p separators (at most 2 log₂ p bits);

– r (at most log₂ p bits);

– q₁ = 2 and its certiﬁcate 1 (at most 5 bits);

– q₂, . . . , q_k (at most 2 log₂ p bits);^a – C(q₂), . . . , C(q_k).

aWhy?

(30)

The Proof (concluded)

• C(p) is succinct because, by induction,

| C(p) | ≤ 5 log₂ p + 5 + 5

k i=2

log²₂ q_i

≤ 5 log₂ p + 5 + 5

_k

i=2

log₂ q_i

²

≤ 5 log₂ p + 5 + 5 log²₂ p − 1

2 by inequality (6)

< 5 log₂ p + 5 + 5[ (log₂ p) − 1 ]²

= 5 log²₂ p + 10 − 5 log₂ p ≤ 5 log²₂ p for p ≥ 4.

(31)

Turning the Proof into an Algorithm

^a

• How to turn the proof into a nondeterministic polynomial-time algorithm?

• First, guess a log₂ p-bit number r.

• Then guess up to log₂ p numbers q₁, q₂, . . . , q_k each containing at most log₂ p bits.

• Then recursively do the same thing for each of the q_i to form a certiﬁcate (5) on p. 473.

• Finally check if the two conditions of Theorem 56 (p.

469) hold throughout the tree.

aContributed by Mr. Kai-Yuan Hou (B99201038, R03922014) on

(32)

Euler’s

^a

Totient or Phi Function

• Let

Φ(n) = { m : 1 ≤ m < n, gcd(m, n) = 1 }

be the set of all positive integers less than n that are prime to n.^b

– Φ(12) = { 1, 5, 7, 11 }.

• Deﬁne Euler’s function of n to be φ(n) = | Φ(n) |.

• φ(p) = p − 1 for prime p, and φ(1) = 1 by convention.

• Euler’s function is not expected to be easy to compute without knowing n’s factorization.

aLeonhard Euler (1707–1783).

bZ^∗ is an alternative notation.

(33)

(34)

Leonhard Euler (1707–1783)

(35)

Three Properties of Euler’s Function

^a

The inclusion-exclusion principle^b can be used to prove the following.

Lemma 59 If n = pê₁¹pê₂² · · · pê is the prime factorization of n, then

φ(n) = n

i=1

1 − 1 p_i

.

• For example, if n = pq, where p and q are distinct primes, then

φ(n) = pq

1 − 1 p

1 − 1 q

= pq − p − q + 1.

aSee p. 224 of the textbook.

(36)

Three Properties of Euler’s Function (concluded)

Corollary 60 φ(mn) = φ(m) φ(n) if gcd(m, n) = 1.

Lemma 61 (Gauss)

m|n φ(m) = n.

(37)

The Chinese Remainder Theorem

• Let n = n1n₂ · · · n_k, where n_i are pairwise relatively prime.

• For any integers a1, a₂, . . . , a_k, the set of simultaneous equations

x = a₁ mod n₁, x = a₂ mod n₂,

...

x = a_k mod n_k,

has a unique solution modulo n for the unknown x.

(38)

Fermat’s “Little” Theorem

^a

Lemma 62 For all 0 < a < p, a^p−1 = 1 mod p.

• Recall Φ(p) = { 1, 2, . . . , p − 1 }.

• Consider aΦ(p) = { am mod p : m ∈ Φ(p) }.

• aΦ(p) = Φ(p).

– aΦ(p) ⊆ Φ(p) as a remainder must be between 1 and p − 1.

– Suppose am ≡ am mod p for m > m, where m, m ∈ Φ(p).

– That means a(m − m) = 0 mod p, and p divides a or m − m, which is impossible.

aPierre de Fermat (1601–1665).

(39)

The Proof (concluded)

• Multiply all the numbers in Φ(p) to yield (p − 1)!.

• Multiply all the numbers in aΦ(p) to yield a^p−1(p − 1)!.

• As aΦ(p) = Φ(p), we have

a^p−1(p − 1)! ≡ (p − 1)! mod p.

• Finally, a^p−1 = 1 mod p because p |(p − 1)!.

(40)

The Fermat-Euler Theorem

^a

Corollary 63 For all a ∈ Φ(n), a^φ(n) = 1 mod n.

• The proof is similar to that of Lemma 62 (p. 486).

• Consider aΦ(n) = { am mod n : m ∈ Φ(n) }.

• aΦ(n) = Φ(n).

– aΦ(n) ⊆ Φ(n) as a remainder must be between 0 and n − 1 and relatively prime to n.

– Suppose am ≡ am mod n for m < m < n, where m, m ∈ Φ(n).

– That means a(m − m) = 0 mod n, and n divides a or m − m, which is impossible.

aProof by Mr. Wei-Cheng Cheng (R93922108, D95922011) on Novem- ber 24, 2004.

(41)

The Proof (concluded)

^a

• Multiply all the numbers in Φ(n) to yield

m∈Φ(n) m.

• Multiply all the numbers in aΦ(n) to yield a^φ(n)

m∈Φ(n) m.

• As aΦ(n) = Φ(n),

m∈Φ(n)

m ≡ a^φ(n)

⎛

⎝

m∈Φ(n)

m

⎞

⎠ mod n.

• Finally, a^φ(n) = 1 mod n because n |

m∈Φ(n) m.

aSome typographical errors corrected by Mr. Jung-Ying Chen (D95723006) on November 18, 2008.

(42)

An Example

• As 12 = 2² × 3,

φ(12) = 12 ×

1 − 1 2

1 − 1 3

= 4.

• In fact, Φ(12) = { 1, 5, 7, 11 }.

• For example,

5⁴ = 625 = 1 mod 12.

(43)

Exponents

• The exponent of m ∈ Φ(p) is the least k ∈ Z⁺ such that m^k = 1 mod p.

• Every residue s ∈ Φ(p) has an exponent.

– 1, s, s², s³, . . . eventually repeats itself modulo p, say sⁱ ≡ s^j mod p, i < j, which means s^j−i = 1 mod p.

• If the exponent of m is k and m = 1 mod p, then k | .

– Otherwise, = qk + a for 0 < a < k, and

m = m^qk+a ≡ m^a ≡ 1 mod p, a contradiction.

Lemma 64 Any nonzero polynomial of degree k has at most

(44)

Exponents and Primitive Roots

• From Fermat’s “little” theorem (p. 486), all exponents divide p − 1.

• A primitive root of p is thus a number with exponent p − 1.

• Let R(k) denote the total number of residues in Φ(p) = { 1, 2, . . . , p − 1 } that have exponent k.

• We already knew that R(k) = 0 for k |(p − 1).

• As every number has an exponent,

k | (p−1)

R(k) = p − 1.

(45)

Size of R(k)

• Any a ∈ Φ(p) of exponent k satisﬁes x^k = 1 mod p.

• By Lemma 64 (p. 491) there are at most k residues of exponent k, i.e., R(k) ≤ k.

• Let s be a residue of exponent k.

• 1, s, s², . . . , s^k−1 are distinct modulo p.

– Otherwise, sⁱ ≡ s^j mod p with i < j.

– Then s^j−i = 1 mod p with j − i < k, a contradiction.

• As all these k distinct numbers satisfy x^k = 1 mod p, they comprise all the solutions of x^k = 1 mod p.

(46)

Size of R(k) (continued)

• But do all of them have exponent k (i.e., R(k) = k)?

• And if not (i.e., R(k) < k), how many of them do?

• Pick s, where < k.

• Suppose ∈ Φ(k) with gcd(, k) = d > 1.

• Then

(s)^k/d = (s^k)^/d = 1 mod p.

• Therefore, s has exponent at most k/d < k.

• So s has exponent k only if ∈ Φ(k).

• We conclude that

R(k) ≤ φ(k).

(47)

Size of R(k) (continued)

• Because all p − 1 residues have an exponent, p − 1 =

k | (p−1)

R(k) ≤

k | (p−1)

φ(k) = p − 1

by Lemma 61 (p. 484).

• Hence

R(k) =

⎧⎨

⎩

φ(k), when k | (p − 1), 0, otherwise.

(48)

Size of R(k) (concluded)

• Incidentally, we have shown that

g, where ∈ Φ(k),

are all the numbers with exponent k if g has exponent k.

• As R(p − 1) = φ(p − 1) > 0, p has primitive roots.

• This proves one direction of Theorem 56 (p. 469).

(49)

A Few Calculations

• Let p = 13.

• From p. 488 φ(p − 1) = 4.

• Hence R(12) = 4.

• Indeed, there are 4 primitive roots of p.

• As

Φ(p − 1) = { 1, 5, 7, 11 }, the primitive roots are

g¹, g⁵, g⁷, g¹¹, where g is any primitive root.

(50)

Function Problems

• Decision problems are yes/no problems (sat, tsp (d), etc.).

• Function problems require a solution (a satisfying truth assignment, a best tsp tour, etc.).

• Optimization problems are clearly function problems.

• What is the relation between function and decision problems?

• Which one is harder?

(51)

Function Problems Cannot Be Easier than Decision Problems

• If we know how to generate a solution, we can solve the corresponding decision problem.

– If you can ﬁnd a satisfying truth assignment eﬃciently, then sat is in P.

– If you can ﬁnd the best tsp tour eﬃciently, then tsp (d) is in P.

• But we shall see that decision problems can be as hard as the corresponding function problems. immediately.

(52)

fsat

• fsat is this function problem:

– Let φ(x₁, x₂, . . . , x_n) be a boolean expression.

– If φ is satisﬁable, then return a satisfying truth assignment.

– Otherwise, return “no.”

• We next show that if sat ∈ P, then fsat has a polynomial-time algorithm.

• sat is a subroutine (black box) that returns “yes” or

“no” on the satisﬁability of the input.

(53)

An Algorithm for fsat Using sat

1: t := ; {Truth assignment.}

2: if φ ∈ sat then

3: for i = 1, 2, . . . , n do

4: if φ[ xi = true ] ∈ sat then 5: t := t ∪ { x_i = true };

6: φ := φ[ x_i = true ];

7: else

8: t := t ∪ { xi = false };

9: φ := φ[ x_i = false ];

10: end if 11: end for 12: return t;

13: else

14: return “no”;

15: end if

(54)

Analysis

• If sat can be solved in polynomial time, so can fsat.

– There are ≤ n + 1 calls to the algorithm for sat.^a – Boolean expressions shorter than φ are used in each

call to the algorithm for sat.

• Hence sat and fsat are equally hard (or easy).

• Note that this reduction from fsat to sat is not a Karp reduction.^b

• Instead, it calls sat multiple times as a subroutine, and its answers guide the search on the computation tree.

aContributed by Ms. Eva Ou (R93922132) on November 24, 2004.

bRecall p. 262 and p. 266.

(55)

tsp and tsp (d) Revisited

• We are given n cities 1, 2, . . . , n and integer distances d_ij = d_ji between any two cities i and j.

• tsp (d) asks if there is a tour with a total distance at most B.

• tsp asks for a tour with the shortest total distance.

– The shortest total distance is at most

i,j d_ij.

∗ Recall that the input string contains d11, . . . , d_nn.

• Thus the shortest total distance is less than 2^{| x |} in magnitude, where x is the input (why?).

• We next show that if tsp (d) ∈ P, then tsp has a

(56)

An Algorithm for tsp Using tsp (d)

1: Perform a binary search over interval [ 0, 2^{| x |} ] by calling tsp (d) to obtain the shortest distance, C;

2: for i, j = 1, 2, . . . , n do

3: Call tsp (d) with B = C and d_ij = C + 1;

4: if “no” then

5: Restore d_ij to its old value; {Edge [ i, j ] is critical.}

6: end if

7: end for

8: return the tour with edges whose d_ij ≤ C;

(57)

Analysis

• An edge which is not on any remaining optimal tours will be eliminated, with its d_ij set to C + 1.

• So the algorithm ends with n edges which are not eliminated (why?).

• This is true even if there are multiple optimal tours!^a

aThanks to a lively class discussion on November 12, 2013.

(58)

Analysis (concluded)

• There are O(| x | + n²) calls to the algorithm for tsp (d).

• Each call has an input length of O(| x |).

• So if tsp (d) can be solved in polynomial time, so can tsp.

• Hence tsp (d) and tsp are equally hard (or easy).

(59)

Randomized Computation

(60)

I know that half my advertising works, I just don’t know which half.

— John Wanamaker I know that half my advertising is a waste of money, I just don’t know which half!

— McGraw-Hill ad.

(61)

Randomized Algorithms

^a

• Randomized algorithms ﬂip unbiased coins.

• There are important problems for which there are no known eﬃcient deterministic algorithms but for which very eﬃcient randomized algorithms exist.

– Extraction of square roots, for instance.

• There are problems where randomization is necessary.

– Secure protocols.

• Randomized version can be more eﬃcient.

– Parallel algorithms for maximal independent set.^b

aRabin (1976); Solovay & Strassen (1977).

(62)

Randomized Algorithms (concluded)

• Are randomized algorithms algorithms?^a

• Coin ﬂips are occasionally used in politics.^b

aPascal, “Truth is so delicate that one has only to depart the least bit from it to fall into error.”

bIn the 2016 Iowa Democratic caucuses, e.g. (see http://edition.cnn.com/2016/02/02/politics/hillary-clinton-coin -flip-iowa-bernie-sanders/index.html).

(63)

“Four Most Important Randomized Algorithms”

^a

1. Primality testing.^b

2. Graph connectivity using random walks.^c 3. Polynomial identity testing.^d

4. Algorithms for approximate counting.^e

aTrevisan (2006).

bRabin (1976); Solovay & Strassen (1977).

cAleliunas, Karp, Lipton, Lov´asz, & Rackoﬀ (1979).

dSchwartz (1980); Zippel (1979).

eSinclair & Jerrum (1989).

(64)

Bipartite Perfect Matching

• We are given a bipartite graph G = (U, V, E).

– U = { u1, u₂, . . . , u_n }.

– V = { v1, v₂, . . . , v_n }.

– E ⊆ U × V .

• We are asked if there is a perfect matching.

– A permutation π of { 1, 2, . . . , n } such that (u_i, v_π(i)) ∈ E

for all i ∈ { 1, 2, . . . , n }.

• A perfect matching contains n edges.

(65)

A Perfect Matching in a Bipartite Graph

: : : : :

;

(66)

Symbolic Determinants

• We are given a bipartite graph G.

• Construct the n × n matrix A^G whose (i, j)th entry A^G_ij is a symbolic variable x_ij if (u_i, v_j) ∈ E and 0 otherwise:

A^G_ij =

⎧⎨

⎩

x_ij, if (u_i, v_j) ∈ E, 0, othersie.

(67)

Symbolic Determinants (continued)

• The matrix for the bipartite graph G on p. 513 is^a

A^G =

⎡

⎢⎢

⎣

0 0 x₁₃ x₁₄ 0

0 x₂₂ 0 0 0

x₃₁ 0 0 0 x₃₅

x₄₁ 0 x₄₃ x₄₄ 0

x₅₁ 0 0 0 x₅₅

⎤

⎥⎥

⎦

. (7)

aThe idea is similar to the Tanner graph in coding theory by Tanner (1981).

(68)

Symbolic Determinants (concluded)

• The determinant of A^G is det(A^G) =

π

sgn(π)

n i=1

A^G_i,π(i). (8) – π ranges over all permutations of n elements.

– sgn(π) is 1 if π is the product of an even number of transpositions and −1 otherwise.^a

• det(A^G) contains n! terms, many of which may be 0s.

aEquivalently, sgn(π) = 1 if the number of (i, j)s such that i < j and π(i) > π(j) is even. Contributed by Mr. Hwan-Jeu Yu (D95922028) on May 1, 2008.

(69)

Determinant and Bipartite Perfect Matching

• In

π sgn(π) _n

i=1 A^G_i,π(i), note the following:

– Each summand corresponds to a possible perfect matching π.

– Nonzero summands _n

i=1 A^G_i,π(i) are distinct monomials and will not cancel.

• det(A^G) is essentially an exhaustive enumeration.

Proposition 65 (Edmonds, 1967) G has a perfect matching if and only if det(A^G) is not identically zero.

(70)

Perfect Matching and Determinant (p. 513)

:

: : : :

;

(71)

Perfect Matching and Determinant (concluded)

• The matrix is (p. 515)

A^G =

⎡

⎢⎢

⎣

0 0 x₁₃ x₁₄ 0

0 x₂₂ 0 0 0

x₃₁ 0 0 0 x₃₅

x₄₁ 0 x₄₃ x₄₄ 0

x₅₁ 0 0 0 x₅₅

⎤

⎥⎥

⎦ .

• det(A^G) = −x14x₂₂x₃₅x₄₃x₅₁ + x₁₃x₂₂x₃₅x₄₄x₅₁ + x₁₄x₂₂x₃₁x₄₃x₅₅ − x13x₂₂x₃₁x₄₄x₅₅.

• Each nonzero term denotes a perfect matching, and vice

(72)

How To Test If a Polynomial Is Identically Zero?

• det(A^G) is a polynomial in n² variables.

• It has, potentially, exponentially many terms.

• Expanding the determinant polynomial is thus infeasible.

• If det(A^G) ≡ 0, then it remains zero if we substitute arbitrary integers for the variables x₁₁, . . . , x_nn.

• When det(A^G) ≡ 0, what is the likelihood of obtaining a zero?

(73)

Number of Roots of a Polynomial

Lemma 66 (Schwartz, 1980) Let p(x₁, x₂, . . . , x_m) ≡ 0 be a polynomial in m variables each of degree at most d. Let M ∈ Z⁺. Then the number of m-tuples

(x₁, x₂, . . . , x_m) ∈ { 0, 1, . . . , M − 1 }^m such that p(x₁, x₂, . . . , x_m) = 0 is

≤ mdM^m−1.

• By induction on m (consult the textbook).

(74)

Density Attack

• The density of roots in the domain is at most mdM^m−1

M^m = md

M . (9)

• So suppose p(x1, x₂, . . . , x_m) ≡ 0.

• Then a random

(x₁, x₂, . . . , x_m) ∈ { 0, 1, . . . , M − 1 }^m has a probability of ≤ md/M of being a root of p.

• Note that M is under our control!

– One can raise M to lower the error probability, e.g.

(75)

Density Attack (concluded)

Here is a sampling algorithm to test if p(x₁, x₂, . . . , x_m) ≡ 0.

1: Choose i₁, . . . , i_m from { 0, 1, . . . , M − 1 } randomly;

2: if p(i₁, i₂, . . . , i_m) = 0 then

3: return “p is not identically zero”;

4: else

5: return “p is (probably) identically zero”;

6: end if

(76)

Analysis

• If p(x1, x₂, . . . , x_m) ≡ 0 , the algorithm will always be correct as p(i₁, i₂, . . . , i_m) = 0.

• Suppose p(x1, x₂, . . . , x_m) ≡ 0.

– The algorithm will answer incorrectly with

probability at most md/M by Eq. (9) on p. 522.

• We next return to the original problem of bipartite perfect matching.

(77)

A Randomized Bipartite Perfect Matching Algorithm

^a

1: Choose n² integers i₁₁, . . . , i_nn from { 0, 1, . . . , 2n² − 1 } randomly; {So M = 2n².}

2: Calculate det(A^G(i₁₁, . . . , i_nn)) by Gaussian elimination;

3: if det(A^G(i₁₁, . . . , i_nn)) = 0 then

4: return “G has a perfect matching”;

5: else

6: return “G has (probably) no perfect matchings”;

7: end if

aLovász (1979). According to Paul Erd˝os, Lovász wrote his first sig- nificant paper “at the ripe old age of 17.”

(78)

Analysis

• If G has no perfect matchings, the algorithm will always be correct as det(A^G(i₁₁, . . . , i_nn)) = 0.

• Suppose G has a perfect matching.

– The algorithm will answer incorrectly with

probability at most md/M = 0.5 with m = n², d = 1 and M = 2n² in Eq. (9) on p. 522.

• Run the algorithm independently k times.

• Output “G has no perfect matchings” if and only if all say “(probably) no perfect matchings.”

• The error probability is now reduced to at most 2^−k.

(79)

L´ oszl´ o Lov´ asz (1948–)

(80)

Remarks

^a

• Note that we are calculating

prob[ algorithm answers “no”| G has no perfect matchings ], prob[ algorithm answers “yes”| G has a perfect matching ].

• We are not calculating^b

prob[ G has no perfect matchings| algorithm answers “no” ], prob[ G has a perfect matching| algorithm answers “yes” ].

aThanks to a lively class discussion on May 1, 2008.

bNumerical Recipes in C (1988), “statistics is not a branch of math- ematics!” Similar issues arise in MAP (maximum a posteriori) estimates and ML (maximum likelihood) estimates.

(81)