
Overview

Some basic math

Error correcting codes

Low degree polynomials

Introduction to consistent readers and consistency tests

H.W

Fields

Definition (field): A set F with two binary operations + (addition) and · (multiplication) is called a field if

(1) ∀a,b∈F, a+b∈F
(2) ∀a,b,c∈F, (a+b)+c=a+(b+c)
(3) ∀a,b∈F, a+b=b+a
(4) ∃0∈F, ∀a∈F, a+0=a
(5) ∀a∈F, ∃-a∈F, a+(-a)=0
(6) ∀a,b∈F, a·b∈F
(7) ∀a,b,c∈F, (a·b)·c=a·(b·c)
(8) ∀a,b∈F, a·b=b·a
(9) ∃1∈F, ∀a∈F, a·1=a
(10) ∀a≠0∈F, ∃a^-1∈F, a·a^-1=1
(11) ∀a,b,c∈F, a·(b+c)=a·b+a·c

+, ·, 0, 1, -a and a^-1 are only notations!

Finite Fields

Definition (finite field): A finite set F with two binary operations + (addition) and · (multiplication) is called a finite field if it is a field.

Example: Zp denotes {0,1,...,p-1}. We define + and · as addition and multiplication modulo p, respectively.

One can prove that (Zp,+,·) is a field iff p is prime. Throughout the presentations, when we mention finite fields we will usually mean Zp.

Strings & Functions (1)

Let = 0 2 . . . n-1, where i.We can describe the string as a function : {0…n-1} , such that i (i) = i.

Let f be a function f : D → R. Then f can be described as a string in R^|D|, spelling f’s value on each point of D.

Strings & Functions - Example

For example, let f be a function f : Z5 → Z5, and let = Z5.

f(x) = x^2 = 0, 1, 4, 4, 1

Introduction to Error Correcting Codes

Motivation:

[Figure: the original message 1001110 is sent over a communication line; “noise” changes one bit, and the received message is 1101110.]

We’d like to still be able to reconstruct the original message

Error Correcting Codes

Definition (encoding): An encoding E is a function E : n m, where m >> n.

Definition (-code): An encoding E is an-code if n (E(),E()) 1 - , where (x,y) (the Hamming distance), denotes the fraction of entries on which x and y differ.

Note that :mmR+ is indeed a distance function, because it satisfies:

(1) x,ym (x,y)0 and (x,y)=0 iff x=y

(2) x,ym (x,y)=(y,x)

(3) x,y,zm (x,z)(x,y)+(y,z)

-code: illustration

[Figure with labels: E, 1-, D, R]

Univariate Polynomials

Definition (univariate polynomial): a polynomial in x over a field F is a function P: F → F, which can be written as

$$P(x) = \sum_{j=0}^{r-1} a_j x^j$$

for some series of coefficients a_0,...,a_{r-1}∈F.

The natural number r is called the degree-bound of the polynomial.

Note: A polynomial whose degree-bound is r is of degree at most r-1!

Univariate Interpolation

Given x_0,y_0,...,x_{r-1},y_{r-1}∈F there is a single univariate polynomial P of degree-bound r, which satisfies ∀ 0≤k≤r-1: P(x_k)=y_k

$$P(x) = \sum_{k=0}^{r-1} y_k \prod_{j \neq k} \frac{x - x_j}{x_k - x_j}$$

(Lagrange’s formula)

The process of finding the coefficients of a polynomial given its value in r points is called interpolation.

a-b denotes a+(-b); a/b denotes a·(b^-1)

Let’s check the value of this polynomial in x = x_t for some 0≤t≤r-1:

$$P(x_t) = \sum_{k=0}^{r-1} y_k \prod_{j \neq k} \frac{x_t - x_j}{x_k - x_j} = y_t \prod_{j \neq t} \frac{x_t - x_j}{x_t - x_j} + \sum_{k \neq t} y_k \prod_{j \neq k} \frac{x_t - x_j}{x_k - x_j} = y_t + 0 = y_t$$

Since the degree-bound of this polynomial is r, we in fact proved the correctness of the formula.

If there are two such polynomials: p1 & p2, then p1-p2 is a polynomial with degree-bound r, which has r roots. This contradicts the fundamental theorem of Algebra!

A Generic -code

Set F to be the finite field Zp for some prime p, and assume for simplicity that = F and m = p.

Given n, let E() be the string of the function f : F F that satisfies:f is the unique polynomial of degree-bound n such that f(i) = i for all 0 i n-1.

A Generic -code (2)

E() can be interpolated from any n points.

Hence, for any , E() and E() may agree on at most n – 1 points.

Therefore, E is an (n – 1) / m - code.

A Generic -code - Example

p = m = 5, n = 2

First message: = 1, 2; f(x) = x + 1; E() = 1, 2, 3, 4, 0

Second message: = 3, 1; f(x) = 3x + 3; E() = 3, 1, 4, 2, 0
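The generic code above, worked in Python with Lagrange's formula over Zp (an added example, not part of the original slides). It reproduces the two encodings of the p = 5, n = 2 example and checks by enumeration that two distinct messages never agree on more than n - 1 positions. Function names are illustrative, and message symbols are taken from Zp as the slide assumes.

```python
from itertools import product

def lagrange_eval(points, x, p):
    """Evaluate at x the unique polynomial of degree-bound len(points)
    through the given (x_k, y_k) pairs, with arithmetic in Z_p (p prime)."""
    total = 0
    for k, (xk, yk) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if j != k:
                num = num * (x - xj) % p
                den = den * (xk - xj) % p
        # a/b denotes a * b^-1; by Fermat, b^-1 = b^(p-2) mod p for prime p
        total = (total + yk * num * pow(den, p - 2, p)) % p
    return total

def encode(message, p):
    """The string of f on all of Z_p, where f(i) = message[i] for i < n."""
    points = list(enumerate(message))
    return [lagrange_eval(points, x, p) for x in range(p)]

def agreement(u, v):
    """Number of positions on which two equal-length strings agree."""
    return sum(a == b for a, b in zip(u, v))

def max_agreement(n, p):
    """Largest agreement between encodings of two distinct messages in Z_p^n."""
    words = [encode(s, p) for s in product(range(p), repeat=n)]
    return max(agreement(u, v) for i, u in enumerate(words) for v in words[:i])

def decode_from(positions, received, n, p):
    """Recover the message from any n positions of a codeword."""
    points = [(x, received[x]) for x in positions]
    return [lagrange_eval(points, i, p) for i in range(n)]

if __name__ == "__main__":
    print(encode([1, 2], 5))    # first message of the slide's example
    print(encode([3, 1], 5))    # second message of the slide's example
    print(max_agreement(2, 5))  # never more than n - 1 agreeing positions
    print(decode_from([3, 4], encode([3, 1], 5), 2, 5))
```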

Strings & Functions (2)

We can describe any string as a function f: H^d → H (H is a finite field, d is a positive integer).

Given a n we’ll achieve that by choosing H=Zq, where q is the smallest prime greater than ||, and d=logqn.

Multivariate Polynomials

Definition (polynomial): Let F be a field and let d be some positive integer number. A function p: F^d → F is a polynomial if it can be written as

$$p(x_0,\dots,x_{d-1}) = \sum_{i_0=0}^{h-1} \cdots \sum_{i_{d-1}=0}^{h-1} a_{i_0 \dots i_{d-1}} \, x_0^{i_0} \cdots x_{d-1}^{i_{d-1}}$$

for some series of coefficients in the field. h is the degree-bound on each one of the variables. The total-degree of the polynomial is max{ i_0+…+i_{d-1} : a_{i_0…i_{d-1}} ≠ 0 }.

-Codes - Home Assignment

We’ve seen that univariate polynomials over a finite field F with degree-bound r are -codes for = (r-1)/|F|.

For which multivariate polynomials (over a finite field F, with degree-bound h in each variable and dimension d) are -codes?


Curves

Definition (curve): Let F be a field and let d be some natural number. A (univariate) curve is a function : F → F^d of the form

(x) = (p_1(x),...,p_d(x))

where p_1,...,p_d are univariate polynomials over F. The degree-bound of is the maximum over the degree-bounds of the polynomials.

Vector Spaces

Definition (vector space): Let F be a field and V a set. V is a vector space over F if a binary addition + is defined over V and a scalar multiplication · is defined over V and F s.t.

(1) ∀u,v∈V, u+v∈V
(2) ∀u,v,w∈V, (u+v)+w=u+(v+w)
(3) ∀u,v∈V, u+v=v+u
(4) ∃0∈V, ∀v∈V, v+0=v
(5) ∀v∈V, ∃-v∈V, v+(-v)=0
(6) ∀v∈V, a∈F, a·v∈V
(7) ∀u,v∈V, a∈F, a(u+v)=au+av
(8) ∀v∈V, a,b∈F, (a+b)v=av+bv
(9) ∀v∈V, a,b∈F, (ab)v=a(bv)
(10) ∀v∈V, 1·v=v

Vector Spaces - Example

Let F be a field and let n be a natural number. F^n = { (a_1,...,a_n) | a_1,...,a_n∈F } is a vector space over F, where for any (a_1,...,a_n),(b_1,...,b_n)∈F^n

(a_1,...,a_n) + (b_1,...,b_n) = (a_1+b_1,...,a_n+b_n)

and for any (a_1,...,a_n)∈F^n and c∈F

c·(a_1,...,a_n) = (c·a_1,...,c·a_n)

Subspaces

Definition (subspace): A subset W of a vector space V (over a field F) is called a subspace of V if W itself is a vector space over the addition and scalar multiplication operations of V.

Affine Subspaces

Definition (affine subspace): Let V be a vector space. U⊆V is an affine subspace of V if there exist a subspace W of V and a v∈V, such that

U = { u | ∃w∈W : u = w + v }

Linear Combinations

Definition (linear combination): Let V be a vector space over some field F. Let v_1,...,v_k∈V and let a_1,...,a_k∈F. The sum a_1v_1+...+a_kv_k is called a linear combination of v_1,...,v_k with the coefficients a_1,...,a_k.

Definition (linear dependent): A set of vectors {v_1,...,v_k} in some vector space V over a field F is linear dependent if there exist a_1,...,a_k∈F and an 1≤i≤k for which a_i≠0, s.t. a_1v_1+...+a_kv_k=0.

Vectors which are not linear dependent are called linear independent.

Basis

Definition (Span): Let V be a vector space over some field F. Let K⊆V. Span(K) denotes the subspace of all the linear combinations of members of K.

Definition (Basis): Let B≠{0} be a subset of a vector space V. B is called a basis for V if

(a) B is linear independent.
(b) Span(B)=V.

Dimensions

Definition (dimension): The number of vectors in any basis of a vector space is called its dimension.

Similarly, the dimension of an affine subspace is the dimension of its corresponding subspace.

Restriction of Polynomials

Definition (restriction of a polynomial to an affine subspace): Let U be an affine subspace of F^d (where F is a field and d is a positive integer). Let p: F^d → F be a polynomial. The restriction of p to U is p’: U → F, ∀u∈U p’(u)=p(u).

Definition (restriction of a polynomial to a curve): Let :FFd be a curve (where F is a field and d is a positive integer). Let p:FdF be a polynomial. The restriction of p to is p’(x)=p((x)).

Restriction of Polynomials - Home Assignment

[1] Prove that the restriction of p to U is a polynomial. What are its degree-bound and dimension?

[2] The same for .

Low Degree Extension (LDE)

Definition (low degree extension): Let : Hd H be a string (where H is some finite field).

Given a finite field F, which is a superset of H, we define a low degree extension of to F as a polynomial LDE : Fd F which satisfies:

LDE agrees with on Hd (extension).

The degree-bound of LDE is |H| in each variable (low degree).

LDE - Home Assignment

Let {0,1}n. Write down an expression for LDE.

Reading a value

Goal: To be able to find the value of an LDE in any point (set of points) of F^d.

[Figure: x → LDE → LDE(x)]

Straightforward Approach

Represent the LDE by its coefficients.

[Figure: x → LDE(x), read from the coefficients of the dimension-d, degree-bound-|H| LDE]

Alas, this will require access to |H|^d variables, log|F| bits each, each time!

“Tricky” Approach

Represent the LDE by its values in the points of F^d.

[Figure: x → LDE(x), read from the value of the LDE in every point in F^d]

Now we only need access to one variable (log|F| bits) each time.

But now we encounter a new problem: we cannot be sure the values we are given are consistent, i.e. correspond to a single dimension-d, degree-bound-|H| polynomial.

Consistent Readers

In the upcoming lectures we’ll see how to build readers which:

access only a small number of the variables each time.

detect inconsistency with high probability.

We’ll later weaken this notion

Consistency Tests

Suppose we have a set of variables which represent the LDE in some manner. A consistency test is a set of local tests.

If the values of the variables are consistent, all the local tests accept.

Otherwise a random test should reject w.h.p.

Corresponding Game

Prover sets values to all variables in the representation.

Verifier picks randomly a single local-test and accepts or rejects according to its output.

The error-probability of a test is the fraction of local tests that may accept although the assigned values do not conform to global consistency.
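The game above, played on a small univariate table (an added example, not part of the original slides and not the readers built in the later lectures). The local test used here is an assumption chosen for illustration: test number x reads r+1 variables and accepts iff their r-th finite difference is 0 in Zp, which holds at every x exactly when the table is a polynomial of degree-bound r < p. The parameters p = 7, r = 3 and the polynomial are constructed.

```python
from fractions import Fraction
from math import comb

def table_of(coeffs, p):
    """The prover's honest table: values on all of Z_p of the polynomial
    with coefficients a_0..a_{r-1} (degree-bound r = len(coeffs))."""
    return [sum(a * pow(x, j, p) for j, a in enumerate(coeffs)) % p
            for x in range(p)]

def local_test(table, x, r, p):
    """Hypothetical local test number x: read the r+1 variables at
    x, x+1, ..., x+r (mod p) and accept iff the r-th finite difference
    sum_k (-1)^(r-k) * C(r,k) * table[x+k] is 0 in Z_p."""
    diff = sum((-1) ** (r - k) * comb(r, k) * table[(x + k) % p]
               for k in range(r + 1))
    return diff % p == 0

def accepting_fraction(table, r, p):
    """Fraction of the p local tests that accept the given table; for an
    inconsistent table this is the chance the verifier is fooled."""
    return Fraction(sum(local_test(table, x, r, p) for x in range(p)), p)

def corrupt(table, pos, value):
    """Copy of the table with one variable overwritten."""
    forged = list(table)
    forged[pos] = value
    return forged

if __name__ == "__main__":
    p, r = 7, 3                        # constructed parameters
    honest = table_of([1, 4, 2], p)    # f(x) = 1 + 4x + 2x^2
    forged = corrupt(honest, 2, (honest[2] + 1) % p)
    print(accepting_fraction(honest, r, p))  # consistent: every test accepts
    print(accepting_fraction(forged, r, p))  # one bad value: some tests still accept
    print(accepting_fraction(table_of([0, 0, 0, 1], p), r, p))  # f(x) = x^3
```

A single changed value is read by only r+1 of the p tests, so the remaining tests accept the forged table, while the table of x^3 (degree-bound 4) is rejected by every test.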

Corresponding Game

[Figure: the table of values P(0,0,0), P(0,0,1), ..., P(6,6,6), shown twice; in the second copy the entries P(0,1,0), P(0,2,2) and P(6,6,4) are replaced by the values 3, 5 and 2.]