SIAM Digital Library

SIAM J. on Computing

2009

Volume 39, Issue 3, pp. 783-1218

† Special Section On The Thirty-Ninth Annual ACM Symposium On Theory Of Computing (STOC 2007)


Pass-Efficient Algorithms for Learning Mixtures of Uniform Distributions

Kevin L. Chang and Ravi Kannan

SIAM J. Comput. 39, pp. 783-812 (30 pages)

Online Publication Date: August 06, 2009

We present multiple pass streaming algorithms for a basic statistical clustering problem for massive data sets. If our algorithm is allotted $2\ell$ passes, it will produce an approximation with error at most $\epsilon$ using $\tilde{O}(k^3/\epsilon^{2/\ell})$ bits of memory, the most critical resource for streaming computation. We demonstrate that this tradeoff between passes and memory allotted is intrinsic to the problem and model of computation by proving lower bounds on the memory requirements of any $\ell$ pass randomized algorithm that are nearly matched by our upper bounds. In this problem, we are given a set of $n$ points drawn randomly according to a mixture of $k$ uniform distributions and wish to approximate the density function of the mixture. The points are placed in a data stream (possibly in adversarial order), which may only be read in sequential passes by the algorithm. The algorithm is quite general and can be adapted to solve the problems of learning a mixture of linear distributions in $\mathbb{R}$ and a mixture of uniform distributions in $\mathbb{R}^2$.

Strong Lower Bounds for Approximating Distribution Support Size and the Distinct Elements Problem

Sofya Raskhodnikova, Dana Ron, Amir Shpilka, and Adam Smith

SIAM J. Comput. 39, pp. 813-842 (30 pages) | Cited 1 time

Online Publication Date: August 06, 2009

We consider the problem of approximating the support size of a distribution from a small number of samples, when each element in the distribution appears with probability at least $\frac{1}{n}$. This problem is closely related to the problem of approximating the number of distinct elements in a sequence of length $n$. Charikar, Chaudhuri, Motwani, and Narasayya [in Proceedings of the Nineteenth ACM SIGMOD–SIGACT–SIGART Symposium on Principles of Database Systems, 2000, pp. 268–279] and Bar-Yossef, Kumar, and Sivakumar [in Proceedings of the Thirty-Third Annual ACM Symposium on Theory of Computing, ACM Press, New York, 2001, pp. 266–275] proved that multiplicative approximation for these problems within a factor $\alpha>1$ requires $\Theta(\frac{n}{\alpha^2})$ queries to the input sequence. Their lower bound applies only when the number of distinct elements (or the support size of a distribution) is very small. For both problems, we prove a nearly linear in $n$ lower bound on the query complexity, applicable even when the number of distinct elements is large (up to linear in $n$) and even for approximation with additive error. At the heart of the lower bound is a construction of two positive integer random variables, $\mathsf{X}_1$ and $\mathsf{X}_2$, with very different expectations and the following condition on the first $k$ moments: $\mathsf{E}[\mathsf{X}_1]/\mathsf{E}[\mathsf{X}_2] = \mathsf{E}[\mathsf{X}_1^2]/\mathsf{E}[\mathsf{X}_2^2] = \cdots = \mathsf{E}[\mathsf{X}_1^k]/\mathsf{E}[\mathsf{X}_2^k]$. It is related to a well-studied mathematical question, the truncated Hamburger problem, but differs in the requirement that our random variables have to be supported on integers. Our lower bound method is also applicable to other problems and, in particular, gives a new lower bound for the sample complexity of approximating the entropy of a distribution.

Conditional Hardness for Approximate Coloring

Irit Dinur, Elchanan Mossel, and Oded Regev

SIAM J. Comput. 39, pp. 843-873 (31 pages) | Cited 1 time

Online Publication Date: August 12, 2009

We study the AprxColoring$(q,Q)$ problem: Given a graph $G$, decide whether $\chi(G)\le q$ or $\chi(G)\ge Q$. We present hardness results for this problem for any constants $3\le q<Q$. For $q\ge4$, our result is based on Khot's 2-to-1 label cover, which is conjectured to be NP-hard [S. Khot, Proceedings of the 34th Annual ACM Symposium on Theory of Computing, 2002, pp. 767–775]. For $q=3$, we base our hardness result on a certain “${\rhd\hskip-0.5em<}$-shaped” variant of his conjecture. Previously no hardness result was known for $q=3$ and $Q\ge6$. At the heart of our proof are tight bounds on generalized noise-stability quantities, which extend the recent work of Mossel, O'Donnell, and Oleszkiewicz [“Noise stability of functions with low influences: Invariance and optimality,” Ann. of Math. (2), to appear] and should have wider applicability.

An LLL Algorithm with Quadratic Complexity

Phong Q. Nguyen and Damien Stehlé

SIAM J. Comput. 39, pp. 874-903 (30 pages) | Cited 1 time

Online Publication Date: August 26, 2009

The Lenstra–Lenstra–Lovász lattice basis reduction algorithm (called LLL or ${\rm L}^3$) is a fundamental tool in computational number theory and theoretical computer science, which can be viewed as an efficient algorithmic version of Hermite's inequality on Hermite's constant. Given an integer $d$-dimensional lattice basis with vectors of Euclidean norm less than $B$ in an $n$-dimensional space, the ${\rm L}^3$ algorithm outputs a reduced basis in $O(d^3n\,{\rm log}\,B\cdot\mathcal{M}(d\,{\rm log}\,B))$ bit operations, where $\mathcal{M}(k)$ denotes the time required to multiply $k$-bit integers. This worst-case complexity is problematic for applications where $d$ or/and ${\rm log}\,B$ are often large. As a result, the original ${\rm L}^3$ algorithm is almost never used in practice, except in tiny dimension. Instead, one applies floating-point variants where the long-integer arithmetic required by Gram–Schmidt orthogonalization is replaced by floating-point arithmetic. Unfortunately, this is known to be unstable in the worst case: the usual floating-point ${\rm L}^3$ algorithm is not even guaranteed to terminate, and the output basis may not be ${\rm L}^3$-reduced at all. In this article, we introduce the ${\rm L}^2$ algorithm, a new and natural floating-point variant of the ${\rm L}^3$ algorithm which provably outputs ${\rm L}^3$-reduced bases in polynomial time $O(d^2n(d+{\rm log}\,B)\,{\rm log}\,B\cdot\mathcal{M}(d))$. This is the first ${\rm L}^3$ algorithm whose running time (without fast integer arithmetic) provably grows only quadratically with respect to ${\rm log}\,B$, like Euclid's gcd algorithm and Lagrange's two-dimensional algorithm.

Estimating the Weight of Metric Minimum Spanning Trees in Sublinear Time

Artur Czumaj and Christian Sohler

SIAM J. Comput. 39, pp. 904-922 (19 pages) | Cited 3 times

Online Publication Date: August 26, 2009

In this paper we present a sublinear-time $(1+\varepsilon)$-approximation randomized algorithm to estimate the weight of the minimum spanning tree of an $n$-point metric space. The running time of the algorithm is $\widetilde{\mathcal{O}}(n/\varepsilon^{\mathcal{O}(1)})$. Since the full description of an $n$-point metric space is of size $\Theta(n^2)$, the complexity of our algorithm is sublinear with respect to the input size. Our algorithm is almost optimal as it is not possible to approximate in $o(n)$ time the weight of the minimum spanning tree to within any factor. We also show that no deterministic algorithm can achieve a $B$-approximation in $o(n^2/B^3)$ time. Furthermore, it has been previously shown that no $o(n^2)$ algorithm exists that returns a spanning tree whose weight is within a constant times the optimum.

On Coresets for $k$-Median and $k$-Means Clustering in Metric and Euclidean Spaces and Their Applications

Ke Chen

SIAM J. Comput. 39, pp. 923-947 (25 pages)

Online Publication Date: August 26, 2009

We present new approximation algorithms for the $k$-median and $k$-means clustering problems. To this end, we obtain small coresets for $k$-median and $k$-means clustering in general metric spaces and in Euclidean spaces. In $\mathbb{R}^d$, these coresets are of size with polynomial dependency on the dimension $d$. This leads to $(1+\varepsilon)$-approximation algorithms to the optimal $k$-median and $k$-means clustering in $\mathbb{R}^d$, with running time $O(ndk+2^{(k/\varepsilon)^{O(1)}}d^2\log^{k+2}n)$, where $n$ is the number of points. This improves over previous results. We use those coresets to maintain a $(1+\varepsilon)$-approximate $k$-median and $k$-means clustering of a stream of points in $\mathbb{R}^d$, using $O(d^2k^2\varepsilon^{-2}\log^8n)$ space. These are the first streaming algorithms, for those problems, that have space complexity with polynomial dependency on the dimension.

Tight Bounds for Randomized and Quantum Local Search

Shengyu Zhang

SIAM J. Comput. 39, pp. 948-977 (30 pages)

Online Publication Date: September 02, 2009

The problem Local Search, which finds a local minimum of a black-box function on a given graph, is of both practical and theoretical importance to combinatorial optimization, complexity theory, and many other areas in theoretical computer science. In this paper, we study the problem in both the randomized and the quantum query models and give new lower and upper bound techniques in both models. The lower bound technique works for any graph that contains a product graph as a subgraph. Applying it to the Boolean hypercube $\{0,1\}^n$ and the constant-dimensional grids $[n]^d$, two particular product graphs that recently drew much attention, we get the following tight results: $\mathit{RLS}(\{0,1\}^n)=\Theta(2^{n/2}n^{1/2})$, $\mathit{QLS}(\{0,1\}^n)=\Theta(2^{n/3}n^{1/6})$, $\mathit{RLS}([n]^d)=\Theta(n^{d/2})$ for $d\geq4$, $\mathit{QLS}([n]^d)=\Theta(n^{d/3})$ for $d\geq6$. Here $\mathit{RLS}(G)$ and $\mathit{QLS}(G)$ are the randomized and quantum query complexities of Local Search on $G$, respectively. These improve the previous results by Aaronson [in Proceedings of the Thirty-Sixth Annual ACM Symposium on Theory of Computing, 2004, pp. 465–474], Ambainis (unpublished), and Santha and Szegedy [in Proceedings of the Thirty-Sixth Annual ACM Symposium on Theory of Computing, 2004, pp. 494–501]. Our new algorithms work well when the underlying graph expands slowly. As an application to $[n]^2$, a new quantum algorithm using $O(\sqrt{n}(\log\log n)^{1.5})$ queries is given. This improves the previously best known upper bound of $O(n^{2/3})$ (see Aaronson [in Proceedings of the Thirty-Sixth Annual ACM Symposium on Theory of Computing, 2004, pp. 465–474]), and implies that Local Search on grids exhibits different properties in low dimensions.

Special Section On The Thirty-Ninth Annual ACM Symposium On Theory Of Computing (STOC 2007)

Eric Allender, Vladlen Koltun, and Maxim Sviridenko, Guest Editors

SIAM J. Comput. 39, pp. 978-978 (1 page)

Online Publication Date: September 02, 2009

This issue contains the polished, extended, and fully refereed versions of a selection of papers that were presented at the Thirty-Ninth Annual ACM Symposium on Theory of Computing (STOC 2007), which was held June 11–13, 2007, in San Diego, California, in conjunction with the Federated Computing Research Conference (FCRC 2007). Unrefereed preliminary versions of these papers were published by ACM in the proceedings of the meeting, along with the other papers presented at the symposium.
The conference program included 77 papers, selected from among a record 312 submissions by a program committee chaired by Uriel Feige and consisting of Eric Allender, Andris Ambainis, Chandra Chekuri, Artur Czumaj, Yevgeniy Dodis, Michel Goemans, Martin Grohe, Russell Impagliazzo, Valerie King, Robert Kleinberg, Vladlen Koltun, Robi Krauthgamer, Jiří Matoušek, Milena Mihail, Ryan O'Donnell, Vijaya Ramachandran, Leonard Schulman, Maxim Sviridenko, Mikkel Thorup, Salil Vadhan, and Santosh Vempala.
The authors of 14 of these 77 papers were invited to submit revised versions for this special section; nine accepted the invitation, although one paper was not completed in time to appear in this volume. One paper that appears in this special issue (by Haitner et al.) is the result of merging a STOC 2007 paper with a FOCS 2006 paper that had been invited for the special issue of SIAM Journal on Computing devoted to FOCS 2006; the authors felt that a single, streamlined paper would be more beneficial to the community, and the editors concurred.
The paper by Martin Fürer appearing in this issue is one of two papers that shared the award for best paper in STOC 2007.
All of these papers were refereed in accordance with the stringent standards of SIAM Journal on Computing. We thank the anonymous referees and the authors for their efforts, resulting in substantial improvements in the end product. We also thank the rest of the program committee members for their help in the selection process. The three of us listed below are honored to have had the opportunity to serve as guest editors in preparing this special issue.

Faster Integer Multiplication

Martin Fürer

SIAM J. Comput. 39, pp. 979-1005 (27 pages)

Online Publication Date: September 02, 2009

For more than 35 years, the fastest known method for integer multiplication has been the Schönhage–Strassen algorithm running in time $O(n\log n\log\log n)$. Under certain restrictive conditions, there is a corresponding $\Omega(n\log n)$ lower bound. All this time, the prevailing conjecture has been that the complexity of an optimal integer multiplication algorithm is $\Theta(n\log n)$. We take a major step towards closing the gap between the upper bound and the conjectured lower bound by presenting an algorithm running in time $n\log n\,2^{O(\log^*n)}$. The running time bound holds for multitape Turing machines. The same bound is valid for the size of Boolean circuits.

Low-End Uniform Hardness versus Randomness Tradeoffs for AM

Ronen Shaltiel and Christopher Umans

SIAM J. Comput. 39, pp. 1006-1037 (32 pages)

Online Publication Date: September 02, 2009

Impagliazzo and Wigderson [Proceedings of the 39th Annual IEEE Symposium on Foundations of Computer Science, IEEE Computer Society, Washington, DC, 1998, pp. 734–743] proved a hardness versus randomness tradeoff for BPP in the uniform setting, which was subsequently extended to give optimal tradeoffs for the full range of possible hardness assumptions (in slightly weaker settings). Gutfreund, Shaltiel, and Ta-Shma [Comput. Complexity, 12 (2003), pp. 85–130] proved a uniform hardness versus randomness tradeoff for AM, but that result worked only on the “high end” of possible hardness assumptions. In this work, we give uniform hardness versus randomness tradeoffs for AM that are near-optimal for the full range of possible hardness assumptions. Following Gutfreund, Shaltiel, and Ta-Shma, we do this by constructing a hitting-set-generator (HSG) for AM with “resilient reconstruction.” Our construction is a recursive variant of the Miltersen–Vinodchandran HSG [Comput. Complexity, 14 (2005), pp. 256–279], the only known HSG construction with this required property. The main new idea is to have the reconstruction procedure operate implicitly and locally on superpolynomially large objects, using tools from PCPs (low-degree testing, self-correction) together with a novel use of extractors that are built from Reed–Muller codes for a sort of locally computable error-reduction. As a consequence we obtain gap theorems for AM (and AM $\cap$ coAM) that state, roughly, that either AM (or AM $\cap$ coAM) protocols running in time $t(n)$ can simulate all of EXP (“Arthur–Merlin games are powerful”) or else all of AM (or AM $\cap$ coAM) can be simulated in nondeterministic time $s(n)$ (“Arthur–Merlin games can be derandomized”) for a near-optimal relationship between $t(n)$ and $s(n)$. 
As in Gutfreund, Shaltiel, and Ta-Shma, the case of AM $\cap$ coAM yields a particularly clean theorem that is of special interest due to the wide array of cryptographic and other problems that lie in this class.

Circuit Lower Bounds for Merlin–Arthur Classes

Rahul Santhanam

SIAM J. Comput. 39, pp. 1038-1061 (24 pages)

Online Publication Date: September 02, 2009

We show that for each $k>0$, $\mathsf{MA}/1$ ($\mathsf{MA}$ with 1 bit of advice) does not have circuits of size $n^k$. This implies the first superlinear circuit lower bounds for the promise versions of the classes $\mathsf{MA}$, $\mathsf{AM}$, and $\mathsf{ZPP}_{\parallel}^{\mathsf{NP}}$. We extend our main result in several ways. For each $k$, we give an explicit language in $(\mathsf{MA}\cap\mathsf{coMA})/1$ which does not have circuits of size $n^k$. We also adapt our lower bound to the average-case setting; i.e., we show that $\mathsf{MA}/1$ cannot be solved on more than $1/2+1/n^k$ fraction of inputs of length $n$ by circuits of size $n^k$. Furthermore, we prove that $\mathsf{MA}$ does not have arithmetic circuits of size $n^k$ for any $k$. As a corollary to our main result, we obtain that derandomization of $\mathsf{MA}/O(1)$ implies the existence of pseudorandom generators computable using $O(1)$ bits of advice.

Survivable Network Design with Degree or Order Constraints

Lap Chi Lau, Joseph (Seffi) Naor, Mohammad R. Salavatipour, and Mohit Singh

SIAM J. Comput. 39, pp. 1062-1087 (26 pages) | Cited 1 time

Online Publication Date: September 02, 2009

We present algorithmic and hardness results for network design problems with degree or order constraints. The first problem we consider is the Survivable Network Design problem with degree constraints on vertices. The objective is to find a minimum cost subgraph which satisfies connectivity requirements between vertices and also degree upper bounds $B_v$ on the vertices. This includes the well-studied Minimum Bounded Degree Spanning Tree problem as a special case. Our main result is a $(2,2B_v+3)$-approximation algorithm for the edge-connectivity Survivable Network Design problem with degree constraints, where the cost of the returned solution is at most twice the cost of an optimum solution (satisfying the degree bounds) and the degree of each vertex $v$ is at most $2B_v+3$. This implies the first constant factor (bicriteria) approximation algorithms for many degree constrained network design problems, including the Minimum Bounded Degree Steiner Forest problem. Our results also extend to directed graphs and provide the first constant factor (bicriteria) approximation algorithms for the Minimum Bounded Degree Arborescence problem and the Minimum Bounded Degree Strongly $k$-Edge-Connected Subgraph problem. In contrast, we show that the vertex-connectivity Survivable Network Design problem with degree constraints is hard to approximate, even when the cost of every edge is zero. A striking aspect of our algorithmic result is its simplicity. It is based on the iterative relaxation method, which is an extension of Jain's iterative rounding method. This provides an elegant and unifying algorithmic framework for a broad range of network design problems. We also study the problem of finding a minimum cost $\lambda$-edge-connected subgraph with at least $k$ vertices, which we call the $(k,\lambda)$-subgraph problem. This generalizes some well-studied classical problems such as the $k$-MST and the minimum cost $\lambda$-edge-connected subgraph problems. 
We give a polylogarithmic approximation for the $(k,2)$-subgraph problem. However, by relating it to the Densest $k$-Subgraph problem, we provide evidence that the $(k,\lambda)$-subgraph problem might be hard to approximate for arbitrary $\lambda$.

Playing Games with Approximation Algorithms

Sham M. Kakade, Adam Tauman Kalai, and Katrina Ligett

SIAM J. Comput. 39, pp. 1088-1106 (19 pages)

Online Publication Date: September 02, 2009

In an online linear optimization problem, on each period $t$, an online algorithm chooses $s_t\in\mathcal{S}$ from a fixed (possibly infinite) set $\mathcal{S}$ of feasible decisions. Nature (who may be adversarial) chooses a weight vector $w_t\in\mathbb{R}^n$, and the algorithm incurs cost $c(s_t,w_t)$, where $c$ is a fixed cost function that is linear in the weight vector. In the full-information setting, the vector $w_t$ is then revealed to the algorithm, and in the bandit setting, only the cost experienced, $c(s_t,w_t)$, is revealed. The goal of the online algorithm is to perform nearly as well as the best fixed $s\in\mathcal{S}$ in hindsight. Many repeated decision-making problems with weights fit naturally into this framework, such as online shortest-path, online traveling salesman problem (TSP), online clustering, and online weighted set cover. Previously, it was shown how to convert any efficient exact offline optimization algorithm for such a problem into an efficient online algorithm in both the full-information and the bandit settings, with average cost nearly as good as that of the best fixed $s\in\mathcal{S}$ in hindsight. However, in the case where the offline algorithm is an approximation algorithm with ratio $\alpha >1$, the previous approach worked only for special types of approximation algorithms. We show how to convert any offline approximation algorithm for a linear optimization problem into a corresponding online approximation algorithm, with a polynomial blowup in runtime. If the offline algorithm has an $\alpha$-approximation guarantee, then the expected cost of the online algorithm on any sequence is not much larger than $\alpha$ times that of the best $s\in\mathcal{S}$, where the best is chosen with the benefit of hindsight. Our main innovation is combining Zinkevich's algorithm for convex optimization with a geometric transformation that can be applied to any approximation algorithm. 
Standard techniques generalize the above result to the bandit setting, except that a “barycentric spanner” for the problem is also (provably) necessary as input. Our algorithm can also be viewed as a method for playing large repeated games, where one can compute only approximate best responses, rather than best responses.

Linear Probing with Constant Independence

Anna Pagh, Rasmus Pagh, and Milan Ružić

SIAM J. Comput. 39, pp. 1107-1120 (14 pages) | Cited 2 times

Online Publication Date: September 02, 2009

Hashing with linear probing dates back to the 1950s and is among the most widely studied algorithms. In recent years, it has become one of the most important hash table organizations because it uses the cache of modern computers very well. Unfortunately, previous analyses relied either on complicated and space-consuming hash functions, or on the unrealistic assumption of free access to a hash function with random and independent function values. Carter and Wegman, in their seminal paper on universal hashing, have already raised the question of extending their analysis to linear probing. However, we show in this paper that linear probing using a pairwise independent family may have expected logarithmic cost per operation. On the positive side, we show that 5-wise independence is enough to ensure constant expected time per operation. This resolves the question of finding a space- and time-efficient hash function that provably ensures good performance for linear probing.

Zero-Knowledge Proofs from Secure Multiparty Computation

Yuval Ishai, Eyal Kushilevitz, Rafail Ostrovsky, and Amit Sahai

SIAM J. Comput. 39, pp. 1121-1152 (32 pages)

Online Publication Date: September 02, 2009

A zero-knowledge proof allows a prover to convince a verifier of an assertion without revealing any further information beyond the fact that the assertion is true. Secure multiparty computation allows $n$ mutually suspicious players to jointly compute a function of their local inputs without revealing to any $t$ corrupted players additional information beyond the output of the function. We present a new general connection between these two fundamental notions. Specifically, we present a general construction of a zero-knowledge proof for an NP relation $R(x,w)$, which makes only a black-box use of any secure protocol for a related multiparty functionality $f$. The latter protocol is required only to be secure against a small number of “honest but curious” players. We also present a variant of the basic construction that can leverage security against a large number of malicious players to obtain better efficiency. As an application, one can translate previous results on the efficiency of secure multiparty computation to the domain of zero-knowledge, improving over previous constructions of efficient zero-knowledge proofs. In particular, if verifying $R$ on a witness of length $m$ can be done by a circuit $C$ of size $s$, and assuming that one-way functions exist, we get the following types of zero-knowledge proof protocols: (1) Approaching the witness length. If $C$ has constant depth over $\wedge,\vee,\oplus,\neg$ gates of unbounded fan-in, we get a zero-knowledge proof protocol with communication complexity $m\cdot{poly}(k)\cdot{polylog}(s)$, where $k$ is a security parameter. (2) “Constant-rate” zero-knowledge. For an arbitrary circuit $C$ of size $s$ and a bounded fan-in, we get a zero-knowledge protocol with communication complexity $O(s)+{poly}(k,\log s)$. Thus, for large circuits, the ratio between the communication complexity and the circuit size approaches a constant. This improves over the $O(ks)$ complexity of the best previous protocols.

Statistically Hiding Commitments and Statistical Zero-Knowledge Arguments from Any One-Way Function

Iftach Haitner, Minh-Huyen Nguyen, Shien Jin Ong, Omer Reingold, and Salil Vadhan

SIAM J. Comput. 39, pp. 1153-1218 (66 pages) | Cited 1 time

Online Publication Date: September 02, 2009

We give a construction of statistically hiding commitment schemes (those in which the hiding property holds against even computationally unbounded adversaries) under the minimal complexity assumption that one-way functions exist. Consequently, one-way functions suffice to give statistical zero-knowledge arguments for any NP statement (whereby even a computationally unbounded adversarial verifier learns nothing other than the fact that the assertion being proven is true, and no polynomial-time adversarial prover can convince the verifier of a false statement). These results resolve an open question posed by Naor et al. [J. Cryptology, 11 (1998), pp. 87–108].