Representation of polynomials

Coefficient Representation
aj xj
Point Value representation
< y0, y1 n-1 > evaluated at < x0, x1 n-1 >
Evaluation at given x
A(x)= a0+ x(a1+ x(a2 a j xj
Choose < x0, x1 n-1 > as the 2n-th roots of unity
k = exp(2 i k/n) = cos(2 k/n) + i sin(2 k/n)
n
 Operation on polynomials
Coefficient representation Point value representation
Addition - O(n) Addition - O(n)
C(x)=A(x)+B(x) C(x)=A(x)+B(x)
C[j]=a[j]+b[j] < yc,i > = < ya,i +yb,i >
Multiplication - O(n2) Multiplication - O(n)
C(x)=A(x) o B(x) C(x)=A(x) B(x)
-k] < yc,i > = < ya,i . yb,i >
convolution element wise
Transform to point value Transform to coefficient
> y = V .a > a = V-1 . y
 Properties of roots of unity
Group under multiplication: kn j
n=
k+j
n
Cancellation: dkdn = kn
Squaring: ( k+n/2n )2 2k
n
n =(
n
k
n )2 =( k
n/2 )
Squares of n complex n-th roots = n/2 complex n/2-th roots
k )j = (( )n - n-1))=0
k k
n n
(k,j) th entry of V is ( kj )
n
(j,k) th entry of V-1 -kj )/n, shown below
n
[V-1 V]jj -kj /n) (
n n
k -j) /n)
n
-1 V] =1; 0 otherwise so that [V-1 V] = I
jj
 Discrete Fourier Transform
< y0, y1 n-1 > = DFT (a0, a1 n-1 )
yk aJ ( kjn aj xj and x= kjn
A[0](x)= a0 + a2 x+ a4 x2 n-2 x
n/2-1

A[1](x)= a1 + a3 x+ a5 x2 n-1 xn/2-1

A(x) = A[0](x2) + x A[1](x2) divide and conquer

Evaluating A[0](x2) at kn Evaluating A[0](x) at kn/2
Therefore problem splits into two equal subproblems
T(n)=2 T(n/2) + O(n) T(n) = O(n lg n)
 Recursive FFT algorithm (a)
Basis: if n==1 return a // n=length[a] = power of 2
Initialize: n=exp(2 i
Recursive DFT:
y[0]= RFFT(a[0]) y[0]k = A[0]( k )
n/2 = A[0] 2k
n)
y[1]= RFFT(a[1]) y[1]k = A[1]( k )
n/2 = A[1] 2k
n)
Combine results
For k= 0 to n/2 -1
yk = y[0]k + [1]k ; yk+n/2 = y[0]k - [1]
k

n
Return column vector y
Inverse DFT is same problem with y replacing a
 Number Theoretic Algorithms
Problem size is linear => proportional to number
of bits needed to store the number in binary
O(n) for number n is exponential complexity
Fast exponentiation x^n linear in width of n
Convert n to binary
Compute successive squares of x (takes O(lg n))
Use binary string to pick relevant powers of x
Example: 3^11 mod 20 = (1*9*3) mod 20 = 7
(3^8 mod 20) (3^2 mod 20)(3^8 mod 20)
 GCD computation
euclid (a,b)
If b==0 then return a
Else return (euclid(b, a mod b))
Correctness: rm+2 is gcd (a,b)
a=q1b+r1, b=q2r1+r2, r1=q3r2+r3 ; ri=qi+2ri+1+ri+2
rm-1=qm+1rm+rm+1 ; rm=qm+2rm+1+rm+2 ; rm+1=qm+3rm+2+0
Now rm+2 divides successively rm+1 , rm, rm-1, a, b
Complexity: gcd(a,b) -> gcd(b,c) -> gcd(c,d) implies b = kc + d
c+d and together with a > b
gives a+b > 2(c+d). Therefore in every two steps, the sum
of the numbers get halved. Hence number of steps (or
calls) would be bounded by log (b) the smaller one.
Worst case: The Fibonacci sequence i.e. a=Fn+1 and b= Fn
 Extended Euclid algorithm
Express GCD (a,b) as linear combination of a,b
Say, d=gcd(a,b) = ax +by -> to find integers x, y

Example: a=289, b=204 => gcd=17 so that x=5 and y= -7

Extended_euclid (a,b)
If b==0
return (a,1,0)
( Extended_euclid(b, a mod b)
(

Apply this to (a.b) mod n =1; a,b are multiplicative inverses mod n.
Example: Find multiplicative inverse of 50 mod 71 is 27,
50 and 71 are relatively prime, since gcd(50,71)=1
 Primality testing

Can be reduced to linear time approximation

ve integer,
ap-1 mod p = 1 i.e. a and p are relatively prime
Is_prime(p)
-1
compute x =(ap-1 ) mod p [fast exponentiation]
if x
else repeat several times, using different

Due to existence of pseudo-primes, condition may fail.

 Pseudo-primes
Number composite, yet obeys ap-1 mod p =1
for certain choice of a Base-a pseudoprime
Base-2 pseudoprime: 341, 561, 645, 1105
Carmichel number: 561, 1105, 1729 (all bases)
Distribution of prime numbers:

Lt n-> INF ln n)] = 1

Implies that density of primes is (n/ln n)
 Miller Rabin test for primality
WITNESS (a,n) If there exists a nontrivial square
x0 ad mod n root of 1, modulo n, then n is
for i=1 to r
composite e.g. take 6^2 (mod 35)
xi xi-1 2 mod n
When pe divides (x2 -1) i.e. (x-1) or
if xi = 1 and xi-1 i-1 -1 (x+1) so that x2 is 1 (mod pe ) which
return TRUE yields solution trivially 1.
if xt then return TRUE While computing each modular
return FALSE exponentiation, Miller Rabin test
MillerRabin (n,s) looks for a nontrivial square root of
1, modulo n during the squaring or
for j=1 to s power raisings.
a=RANDOM(1,n-1)
If it one, it stops and returns
if WITNESS(a,n) return Composite COMPOSITE. This way it fools 561,
return probably prime Carmichel number (shown for a=7)
Example: How Miller Rabin test works
Take p=1729; n=p-1= 27.2.2.2.2.2.2 i.e. r=6, d=27
Pick a=11 (randomly)
Applying modular exponentiation ad (mod n)
gives sequence (11, 121, 809, 919, 809)
This is followed by the sequence upon squaring of
11^27 giving (1331, 1065, 1, ...)
Existence of the 1 in this latter sequence shows
the presence of non-trivial square root of 1.
Otherwise 11^1728 mod 1729 = 1 implies prime.
 Public key cryptosystem
Public key used is P; Private key used is S
Message:
Message encrypted P of receiver by sender
Message decrypted S of receiver used
Cyphertext C = P (M) used for encryption
M = S(C) = S(P(M)) to decrypt the message
Signature:
Signature encrypted with own S by sender
Signature decrypted by recipient with P of sender
Signature encrypted using = S( )
Signature decrypted using = P( )= P(S( ))
Creation of public and private keys
Select at random two large primes p and q
Compute n = pq
Select small odd integer e relatively prime to
(n) = (p-1)(q-1)
Compute d as multiplicative inverse of e
modulo (n) i.e. d.e mod (p-1)(q-1) = 1.
Publish P= (e,n) as public key
Publish S= (d,n) as private key
 RSA cryptosystem Protocol
P(M) = C = Me (mod n)
cyphertext created using public key of recipient, decryption
would need private key of the intended recipient
S(C) = Cd (mod n)
signed using private key of sender, verify with sender public key
If p,q are 256 byte numbers, n is 512 bytes.
P(S(M)) = S(P(M))= Med (mod n); n=pq
Now ed = 1 + k(p-1)(q-1)
Hence Med (mod n) = M(Mp-1 )k(q-1)(mod n)
p-1(mod p) =1

Hence Med (mod n) = M (mod p) = M (mod q)

Chinese Remainder Theorem Med=M (mod pq)
 RSA cryptosystem Protocol
AA (d1,e1,n1) sends M to BB (d2,e2,n2)
AA Encrypts Y1= Me2(mod n2)
AA Signs Y2= Y1d1(mod n1)
AA transmits Y2
BB verifies sign Z1= Y2e1(mod n1)
BB decrypts Z2= Z1d2(mod n2)
Encrypt-Sign-Transmit-Verify sign-Decrypt
 Attacking RSA cryptosystem
Find a number that leaves remainder 2 when
divided by 3 (p) and 3 when divided by 5(q)
Chinese Remainder Theorem
Then n= 2 (mod 3) and n= 3 (mod 5) gives n=8
Such number is unique in the domain [1 .. pq]
n and e are known, can we find d?
We need to know (n) from n
Then we need to factorize n into its prime factors
but integer factorization is hard.
Single Source Shortest Path Problem
Given a directed graph G = (V,E), with non-
negative costs on each edge, and a selected
source node v in V, for all w in V, find the cost of
the least cost path from v to w.
The cost of a path is simply the sum of the costs
on the edges traversed by the path.
This problem is a general case of the more
common subproblem, in which we seek the least
cost path from v to a particular w in V. In the
general case, this subproblem is no easier to
solve than the SSSP problem.
 Dijkstra's Algorithm
Dijkstra's algorithm is a greedy algorithm for the SSSP problem.
A "greedy" algorithm always makes the locally optimal choice under
the assumption that this will lead to an optimal solution overall.
Data structures used by Dijkstra's algorithm include:
a cost matrix C, where C[i,j] is the weight on the edge connecting
node i to node j. If there is no such edge, C[i,j] = infinity.
a set of nodes S, containing all the nodes whose shortest path from
the source node is known. Initially, S contains only the source node.
a distance vector D, where D[i] contains the cost of the shortest
path (so far) from the source node to node i, using only those nodes
in S as intermediaries.
How Dijkstra's Algorithm Works
On each iteration of the main loop, we add vertex
w to S, where w has the least cost path from the
source v (D[w]) involving only nodes in S.
We know that D[w] is the cost of the least cost
path from the source v to w (even though it only
uses nodes in S).
If there is a lower cost path from the source v to
w going through node x (where x is not in S) then
D[x] would be less than D[w]
x would be selected before w
x would be in S
SSSP - One illustration
Edge relaxation
Algorithm
Correctness of the algorithm
Analysis of Dijkstra's Algorithm
Consider the time spent in the two loops:
The first loop has O(N) iterations, where N is the
number of nodes in G.
The second (and outermost) loop is executed O(N)
times.
The first nested loop is O(N) since we examine each vertex
to determine whether or not it is in V-S.
The second nested loop is O(N) since we examine each
vertex to determine whether or not it is in V-S.
The algorithm is O(N^2).
If we assume that there are many fewer edges than the
maximum possible, we can do better than this.
 Complexity of algorithms
Polynomial time: worst case O(nk)
Super polynomial time: solvable but not in
Polynomial time
Unknown status: no Polynomial time
algorithm found, no proof of Super Polynomial
time lower bound
 Models of computation
Serial random access machine
Parallel random access machine
Abstract Turing machine
 Complexity Classes
P: problems that can be solved in polynomial time
(typically in n, size of input) on a deterministic Turing
machine (DTM)
Any normal computer simulates a DTM
NP: problems that can be solved in polynomial time
on a non-deterministic Turing machine (NDTM)
verify
the solution in P time (on a DTM)
NP does NOT stand for non-polynomial, since there are
problems harder than NP
P is actually a subset of NP (we think)
Complexity Classes Overview
NP-hard
At least as hard as any
known NP problem (could
be harder!)
Set of interrelated
problems that can be
solved by reducing to
another known problem
NP-Complete
A problem that is in NP and
NP-hard

SATISFIABILITY (SAT) is NPC

Other NPC problems
Reduce to SAT or previous
reduced problem
 Problem definitions
Abstract problem Q is a binary relation on a set I of
problem instances and set S of solutions
G=(V,E) : Instances of shortest path
Solution: sequence of vertices for abstract problem
Decision problem: I --> {0,1} is a given path of length
less than some threshold
The decision problem is as complex as the abstract
problem
The abstract problem is optimization problem and
decision problem somehow maps it to binary.
 Problem encoding
Unary encoding integer k represented using k
ones somewhat like Roman number system
Binary encoding length n = floor(lg k)
Linear complexity in unary encoding => log
complexity in binary encoding
Linear complexity in binary encoding =>
exponential complexity in unary encoding
Two encodings e1 and e2 are related polynomially
f12(e1(i))=e2(i) and f21(e2(i))=e1(i)
 P-time Reducibility
Let Q be an abstract decision problem on an
instance set I and encodings e1 and e2 are related
polynomially on I then e1 (Q) P iff e2 (Q) P

Language L1 is P-time reducible to L2 denoted as

L1 P L2 implies there is a P-time computable
reduction function f:{0,1}* {0,1}* such that for
all x {0,1}* we have x L1 iff f(x) L2
Hence for L1 P L2 then L2 P implies L1 P
Reduction mapping
The algorithm F is a
reduction algorithm
Computes the reduction
function f from L1 to L2 in
P-time
A2 is P-time algorithm
that decides L2.
A1 decides whether x L1
by using F to transform
any input x into f(x) and
then using A2 to decide
whether f(x) L2
 Notion of NP Completeness
Class P if there exists an algorithm A that decides L in
polynomial time then L P
For 2-input P-time algorithm A and constant c, L= {x
{0,1}*: there exists a certificate y with |y| = O(|x|c)
such that A(x,y)=1}
If algorithm A verifies language L in P-time, then L NP
In case L P then L NP (solved => verifiable)
Property-1: L NP; Property- P NP
When both properties hold then L NPC
If only property-2 holds, then L NP-Hard
 Theorem of NP-Completeness
If any NPC problem is P-time solvable, P=NP

PL (property-
belongs to P (reduce and solve)
If any problem in NP is not P-time solvable,
then all NPC problems are not P-time solvable

P. Then L P
 Circuit Satisfiability Problem
Take any algorithm that produces output for
given input in P-time => verification => NP
Can map this into program steps
Each program step maps to combinational circuit
Paste these circuits - maps to overall circuit
Program I/O maps to circuit I/O in P-time
All such algorithms are reducible ( P ) to CSAT
CSAT is therefore NPC
Such proof outline possible only for CSAT
Algorithm as computation sequence
Proof of NP-completeness for some L
Prove L belongs to NP (verification decision)

Describe an algorithm that computes f, which is a

Prove for all x, f satisfies x iff f(x) L

Prove algorithm computing f runs in P-time
CSAT P FSAT P 3CNF-SAT P CLIQUE P
VERTEX-COVER P SUBSET-SUM (0-1 knapsack)
CSAT P FSAT P 3CNF-SAT P HC P TSP
 Clique of a graph
Clique of size k: Find a subset of k vertices that
are connected through edges to be found in E.
Brute force - to check clique in all |k| subsets
runs in superpolynomial time C(|V|,k)
Start from 3CNF: Boolean formula with k AND-
ed clauses, each clause having 3 OR-ed literals
The graph should be such that the formula is
satisfiable iff the graph has a clique of size k
Reduction:- 3CNF-SAT P CLIQUE
For each clause C_r place triple vertices v_1r, v_2r, v_3r for
the 3 literals l_1r, l_2r, l_3r
Construct an edge between v_ir and v_ js when they fall in
different clauses (r and s) AND their corresponding literals l_ir
and l_ js are consistent i.e. l_ir not negation of l_ js
When formula has a satisfying assignment, each clause has at
least one 1 (OR within each clause and k such AND-ed clauses)
resulting in k vertices. They form a clique since edges can be
found by way of above construction.
Conversely suppose G has a clique of size k. Since no edges in
V connect same triple, this set has one vertex (read literal) per
triple (read clause). We can assign 1 to each such literal since
G has no edge between inconsistent literals. So each clause
gets satisfied and the formula also gets satisfied.
Example: 3-CNF formula to graph
Hallmarks of the CLIQUE mapping
The graph constructed here is of a special kind since
vertices here occur as triplets with no edges between
vertices in same triplet
This CLIQUE happens in restricted case but the
corresponding 3CNF case is very general
But if we had a polynomial-time algorithm that solved
CLIQUE on general graphs, it would also solve CLIQUE on
restricted graphs.
Opposite approach is however not enough in case an easy
3CNF instance were mapped, the NP-hard problem does
not get mapped
The reduction uses instances, not the solution actually we
do not know whether we can decide 3CNF-SAT in P-time!
Intuitive Mapping: 3CNF-SAT to HC
One approach is to follow the reduction from clique:
CLIQUE P VERTEX-COVER P P Hamiltonian Path P HC
Direct approach - Encode an instance I of 3-SAT as a
graph G such that I is satisfiable exactly when G has HC
Create some graph that represents the variables
Create some graph that represents the clauses (each
clause has exactly three literals/variables)
Hook up the variables with the clauses such that the
formula gets encoded
Show that this graph has HC iff the formula in
conjunctive normal form is satisfiable.
 Reduction HC to TSP
Travelling Salesman Problem works on complete graph
G=(V,E) with cost function c defined from VxV -> Z with k Z
and G has a TSP tour with cost at most k
Let G=(V,E) be an instance of HC. Form the complete graph
Vi,Vj) with k=0
c(i,j) = 0 if (i,j) E and c(i,j) = 1 if (i,j) -E

which in turn implies that G has HC => HC P TSP (NP-hard)

Since a TSP tour can be verified in P-time it is in NP and
together with it being NP-hard therefore TSP NPC.
Branch & Bound approximation for TSP
B&B algorithm performs a top-down recursive search through
the tree of instances formed by the branch operation.
Upon visiting an instance I, it checks whether bound(I) is
greater than the upper bound for some other instance that it
already visited; if so, I may be safely discarded from the
search and the recursion stops.
This pruning step is usually implemented by maintaining a
global variable that records the minimum upper bound seen
among all instances examined so far.
Generic B&B is related with backtracking as in DFS traversals
And the journey continues...