In this case the p is supposed to be a subscript. Is it supposed to mean less than or equal polynomial time?
A ≤p B means that there is a polynomial-time many-one reduction from A to B, i.e., there exists a polynomial-time computable function f such that, for every string x, we have x in A if and only if f(x) in B.
When reading formal descriptions of the lambda calculus, the set of variables seems to always be defined as countably infinite. Why this set cannot be finite seems clear; defining the set of variables as finite would restrict term constructions in unacceptable ways. However, why not allow the set to be uncountably infinite?
Currently, the most sensible answer to this question I have received is that choosing a countably infinite set of variables implies we may enumerate variables making the description of how to choose fresh variables, say for an alpha rewrite, natural.
I am looking for a definitive answer to this question.
Most definitions and constructs in maths and logic include only the minimal apparatus that is required to achieve the desired end. As you note, more than a finite number of variables may be required. But since no more than a countable infinity is required, why allow more?
The reason that this set is required to be countable is quite simple. Imagine that you had a bag full of the variables. There would be no way to count the number of variables in this bag unless the set was denumerable.
Note that bags are isomorphic to sacks.
Uncountable collections of things seem to usually have uncomputable elements. I'm not sure that all uncountable collections have this property, but I strongly suspect they do.
As a result, you could never even write out the name of those elements in any reasonable way. For example, unlike a number like pi, you cannot have a program that writes out the digits of Chaitin's constant past a certain finite number of digits. The set of computable real numbers is countably infinite, so the "additional" reals you get are uncomputable.
I also don't believe you gain anything from the set being uncountably infinite. So you would introduce uncomputable names without benefit (as far as I can see).
Having a countable number of variables, and a computable bijection between them and ℕ, lets us create a bijection between Λ and ℕ:
#v = ⟨0, f(v)⟩, where f is the computable bijection between 𝕍 and ℕ (exists because 𝕍 is countable) and ⟨m, n⟩ is a computable bijection between ℕ² and ℕ.
#(L M) = ⟨1, ⟨#L, #M⟩⟩
#(λv. L) = ⟨2, ⟨#v, #L⟩⟩
The notation ⌜L⌝ represents c_{#L}, the Church numeral representing the encoding of L. For all sets S, #S represents the set {#L | L ∈ S}.
This allows us to prove that lambda calculus is not decidable:
Let A be a non-trivial (not ∅ or Λ) set closed under α and β equality (if L ∈ A and L β= M, M ∈ A). Let B be the set {L | L⌜L⌝ ∈ A}. Assume that set #A is recursive. Then f, for which f(x) = 1 if x ∈ A and 0 if x ∉ A, must be a μ-recursive function. All μ-recursive functions are λ-definable*, so there must be an F for which:
F⌜L⌝ = c_1 ⇔ ⌜L⌝ ∈ A
F⌜L⌝ = c_0 ⇔ ⌜L⌝ ∉ A
Let G ≡ λn. iszero (F ⟨1, ⟨n, #n⟩⟩) M_0 M_1, where M_0 is any λ-term in B and M_1 is any λ-term not in B. Note that #n is computable and therefore λ-definable.
Now just ask the question "Is G⌜G⌝ in B?". If yes, then G⌜G⌝ = M_1 ∉ B, so G⌜G⌝ could not have been in B (remember that B is closed under β=). If no, then G⌜G⌝ = M_0 ∈ B, so it must have been in B.
This is a contradiction, so A could not have been recursive, therefore no closed-under-β= non-trivial set is recursive.
Note that {L | L β= true} is closed under β= and non-trivial, so it is therefore not recursive. This means lambda calculus is not decidable.
* The proof that all computable functions are λ-definable (we can have a λ-term F such that F c_{n1} c_{n2} ... = c_{f(n1, n2, ...)}), as well as the proof in this answer, can be found in "Lambda Calculi With Types" by Henk Barendregt (section 2.2).
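The numbering # defined above, written out as an added Python example that is not part of the original answer. It assumes the variables are v_0, v_1, ... with f(v_i) = i and takes the Cantor pairing function for ⟨m, n⟩; the tuple representation of terms and the names `pair`, `unpair`, `encode` and `decode` are choices made here.

```python
from math import isqrt


def pair(m, n):
    """Cantor pairing <m, n>: a computable bijection from N^2 to N."""
    return (m + n) * (m + n + 1) // 2 + n


def unpair(z):
    """Inverse of pair(): recover (m, n) from z."""
    w = (isqrt(8 * z + 1) - 1) // 2      # index of the diagonal containing z
    n = z - w * (w + 1) // 2
    return w - n, n


# Terms (representation assumed here): ("var", i), ("app", L, M), ("lam", i, L).
def encode(term):
    """#term, following the three clauses of the definition."""
    tag = term[0]
    if tag == "var":
        return pair(0, term[1])                                   # #v = <0, f(v)>
    if tag == "app":
        return pair(1, pair(encode(term[1]), encode(term[2])))    # <1, <#L, #M>>
    if tag == "lam":
        return pair(2, pair(encode(("var", term[1])), encode(term[2])))
    raise ValueError("unknown term constructor: %r" % (tag,))


def decode(code):
    """Rebuild the term from its number; reject numbers that encode no term."""
    tag, rest = unpair(code)
    if tag == 0:
        return ("var", rest)
    left, right = unpair(rest)
    if tag == 1:
        return ("app", decode(left), decode(right))
    if tag == 2:
        bound = decode(left)
        if bound[0] == "var":
            return ("lam", bound[1], decode(right))
    raise ValueError("%d is not the number of a term under this scheme" % code)
```

Because both directions are plain arithmetic on naturals, predicates on terms become predicates on numbers, which is what the recursiveness argument needs.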
Someone asked me this question and I found I could not answer it even after spending some time re-reading my college textbooks. Specifically, here is the definition of co-NP in many textbooks:
Definition 1
"a problem A is in co-NP if and only if there is a polynomial time procedure V (·, ·) and a polynomial bound p() such that x ∈ A if and only if ∀y : |y| ≤ p(|x|), V (x, y) = 1"
Doesn't this mean that if A is in co-NP, then it MUST have a certificate (because every y would be a certificate) and therefore, A is also in NP?
With some thoughts, I am not sure the above definition is correct. Given the following definition of NP:
Definition 2
"a decision problem A is in NP if and only if there is a polynomial time procedure V (·, ·) and a polynomial time bound p() such that x ∈ A if and only if ∃y.|y| ≤ p(|x|) ∧ V (x, y) = 1"
The straightforward definition for co-NP seems to be:
Definition 3
"a decision problem A is in co-NP if and only if there is a polynomial time bound p() such that x ∈ A if and only if ∀y : |y| ≤ p(|x|) there does NOT exist a polynomial time procedure V(.,.) such that V (x, y) = 1"
However, Definition 3 is not equivalent to Definition 1, because V(.,.) can be undecidable. Am I missing anything? Thanks!
Doesn't this mean that if A is in co-NP, then it MUST have a certificate (because every y would be a certificate) and therefore, A is also in NP?
No. V is not a verifier for problem A in the sense of the definition of NP. For V to be a verifier in that sense, we would need to be able to determine x ∈ A by finding a single y such that V(x, y) = 1. With this V, we need to check all possible values of y.
Your proposed "straightforward definition" of co-NP is wrong. For any problem A, we could pick V to be the procedure that ignores its arguments and immediately returns 1. Thus, by your definition, no problems would be in co-NP.
I'm looking for a speedy algorithm to find the roots of a univariate polynomial in a prime finite field.
That is, if f = a_0 + a_1 x + a_2 x^2 + ... + a_n x^n (n > 0) then an algorithm that finds all r < p satisfying f(r) = 0 mod p, for a given prime p.
I found Chien's search algorithm https://en.wikipedia.org/wiki/Chien_search but I can't imagine this being that fast for primes greater than 20 bits. Does anyone have experience with Chien's search algorithm or know a faster way? Is there a sympy module for this?
This is pretty well studied, as mcdowella's comment indicates. Here is how the Cantor-Zassenhaus random algorithm works for the case where you want to find the roots of a polynomial, instead of the more general factorization.
Note that in the ring of polynomials with coefficients mod p, the product x(x-1)(x-2)...(x-p+1) has all possible roots, and equals x^p-x by Fermat's Little Theorem and unique factorization in this ring.
Set g = GCD(f,x^p-x). Using Euclid's algorithm to compute the GCD of two polynomials is fast in general, taking a number of steps that is logarithmic in the maximum degree. It does not require you to factor the polynomials. g has the same roots as f in the field, and no repeated factors.
Because of the special form of x^p-x, with only two nonzero terms, the first step of Euclid's algorithm can be done by repeated squaring, in about 2 log_2 (p) steps involving only polynomials of degree no more than twice the degree of f, with coefficients mod p. We may compute x mod f, x^2 mod f, x^4 mod f, etc, then multiply together the terms corresponding to nonzero places in the binary expansion of p to compute x^p mod f, and finally subtract x.
Repeatedly do the following: Choose a random d in Z/p. Compute the GCD of g with r_d = (x+d)^((p-1)/2)-1, which we can again compute rapidly by Euclid's algorithm, using repeated squaring on the first step. If the degree of this GCD is strictly between 0 and the degree of g, we have found a nontrivial factor of g, and we can recurse until we have found the linear factors hence roots of g and thus f.
How often does this work? r_d has as roots the numbers that are d less than a nonzero square mod p. Consider two distinct roots of g, a and b, so (x-a) and (x-b) are factors of g. If a+d is a nonzero square, and b+d is not, then (x-a) is a common factor of g and r_d, while (x-b) is not, which means GCD(g,r_d) is a nontrivial factor of g. Similarly, if b+d is a nonzero square while a+d is not, then (x-b) is a common factor of g and r_d while (x-a) is not. By number theory, one case or the other happens close to half of the possible choices for d, which means that on average it takes a constant number of choices of d before we find a nontrivial factor of g, in fact one separating (x-a) from (x-b).
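The procedure this answer describes, written out as an added Python example (not code from the original post). It assumes p is an odd prime and f is nonzero mod p, stores a polynomial as a coefficient list with the lowest degree first, and all function names are chosen here.

```python
import random

def trim(a):                      # drop zero coefficients from the high end, in place
    while a and a[-1] == 0:
        a.pop()
    return a

def pdivmod(a, m, p):             # (quotient, remainder) of a / m over GF(p)
    a, inv = [c % p for c in a], pow(m[-1], -1, p)
    q = [0] * max(len(a) - len(m) + 1, 0)
    for s in range(len(q) - 1, -1, -1):
        q[s] = a[s + len(m) - 1] * inv % p
        for i, c in enumerate(m):
            a[s + i] = (a[s + i] - q[s] * c) % p
    return q, trim(a)

def mulmod(a, b, m, p):           # a * b mod m
    out = [0] * (len(a) + len(b) - 1)
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            out[i + j] = (out[i + j] + x * y) % p
    return pdivmod(out, m, p)[1]

def powmod(base, e, m, p):        # base^e mod m by repeated squaring (e >= 1)
    result = [1]
    for bit in bin(e)[2:]:
        result = mulmod(result, result, m, p)
        result = mulmod(result, base, m, p) if bit == "1" else result
    return result

def sub(a, b, p):                 # a - b, padding both lists to a common length
    return trim([(x - y) % p for x, y in zip(a + [0] * len(b), b + [0] * len(a))])

def gcd(a, b, p):                 # Euclid's algorithm on polynomials over GF(p)
    while b:
        a, b = b, pdivmod(a, b, p)[1]
    return a

def roots_mod_p(f, p):            # assumes p is an odd prime and f is nonzero mod p
    f = trim([c % p for c in f])
    g = gcd(f, sub(powmod([0, 1], p, f, p), [0, 1], p), p)   # gcd(f, x^p - x)
    def split(g):
        if len(g) <= 2:           # constant: no root; linear c1*x + c0: root -c0/c1
            return [-g[0] * pow(g[1], -1, p) % p] if len(g) == 2 else []
        while True:
            d = random.randrange(p)
            h = gcd(g, sub(powmod([d, 1], (p - 1) // 2, g, p), [1], p), p)
            if 1 < len(h) < len(g):   # nontrivial factor: recurse on both parts
                return split(h) + split(pdivmod(g, h, p)[0])
    return sorted(split(g))
```

For the constructed input f = (x-3)(x-5)(x-7)(x^2+1), passed as `[-105, 71, -120, 72, -15, 1]`, `roots_mod_p(f, 11)` returns `[3, 5, 7]`; the factor x^2+1 has no root mod 11 and drops out in the first GCD.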
Your answers are good, but I think I found a wonderful method to find the roots modulo any number. This method is based on "LATTICES". Let r ≤ R be a root of mod p. We must find another function such as h(x) such that h isn't large and r is a root of h. The lattice method finds this function. First, we must create a basis of polynomials for the lattice, and then, with the "LLL" algorithm, we find a "shortest vector" that has root r without modulo p. In fact, we eliminate the modulo p this way.
For more explanation, refer to "Coppersmith D. Finding small solutions to small degree polynomials. In Cryptography and lattices".
Let L be a language s.t. for every natural n, the number of words of length n in L is n.
The alphabet is {0,1}.
And let's assume that L is in NP. Why is L-complement also in NP?
Since L is in NP it is decidable (recursive) and so is its complement L'. Now, L' may or may not be in NP. But we are given that for any string length n, exactly one string belongs to L, which means for any string length all but one string belong to L'.
Now, the definition of NP says that all "yes" instances of the problem can be solved in polynomial time using a nondeterministic TM. So, given an instance of , we non-deterministically take all words of length n, where n is the length of w, and see if it is in L. As soon as we get the word (such a word is sure to exist as exactly one word of length n belongs to L), we see if this word is the same as x. If it is not the same (and only if it is not the same), x is in L' and we get this answer in polynomial time, making L' an NP problem.
If it is known a-priori that L has the property that there are exactly n words of length n in L, then your statement follows. In fact, this works for any polynomial amount of words in L. In other words, if we allow there to be poly(n) words in L with poly(n) known a-priori, the idea still works. To see this, note that to find all words of length n in L is also in NP since there is a polynomial number of them.
To see if s in {0,1}* is in L-complement, just form the certificate for all words of length |s|, and see if s is one of the words. If s is one of the words, then of course, s is in L, and if s is not one of the words, s is in L-complement.
This is part of a bigger question. It's actually a mathematical problem. So it would be really great if someone can direct me to any algorithm to obtain the solution of this problem, or pseudocode will be of help.
The question. Given an equation check if it has an integral solution.
For example:
(26a+5)/32=b
Here a is an integer. Is there an algorithm to predict or find if b can be an integer. I need a general solution not specific to this question. The equation can vary. Thanks
Your problem is an example of a linear Diophantine equation. About that, Wikipedia says:
This Diophantine equation [i.e., a x + b y = c] has a solution (where x and y are integers) if and only if c is a multiple of the greatest common divisor of a and b. Moreover, if (x, y) is a solution, then the other solutions have the form (x + k v, y - k u), where k is an arbitrary integer, and u and v are the quotients of a and b (respectively) by the greatest common divisor of a and b.
In this case, (26 a + 5)/32 = b is equivalent to 26 a - 32 b = -5. The gcd of the coefficients of the unknowns is gcd(26, -32) = 2. Since -5 is not a multiple of 2, there is no solution.
A general Diophantine equation is a polynomial in the unknowns, and can only be solved (if at all) by more complex methods. A web search might turn up specialized software for that problem.
Linear Diophantine equations take the form ax + by = c. If c is the greatest common divisor of a and b this means a=z'c and b=z''c then this is Bézout's identity of the form
with a=z' and b=z'' and the equation has an infinite number of solutions. So instead of trial searching method you can check if c is the greatest common divisor (GCD) of a and b
If indeed a and b are multiples of c then x and y can be computed using extended Euclidean algorithm which finds integers x and y (one of which is typically negative) that satisfy Bézout's identity
(as a side note: this holds also for any other Euclidean domain, i.e. polynomial ring & every Euclidean domain is unique factorization domain). You can use Iterative Method to find these solutions:
Integral solution to equation `a + bx = c + dy`
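The gcd test quoted in the first answer and the iterative extended Euclidean algorithm mentioned in the second, combined into one added Python example (not code from either post). The function names are chosen here, and `integer_b_for` assumes the question's shape (m*a + r)/n = b with n nonzero.

```python
def ext_gcd(a, b):
    """Iterative extended Euclid: (g, s, t) with a*s + b*t == g == gcd(a, b) >= 0."""
    s0, s1, t0, t1 = 1, 0, 0, 1
    while b:
        q = a // b
        a, b = b, a - q * b
        s0, s1 = s1, s0 - q * s1
        t0, t1 = t1, t0 - q * t1
    return (a, s0, t0) if a >= 0 else (-a, -s0, -t0)


def solve_linear(a, b, c):
    """Solve a*x + b*y == c over the integers.

    Returns None when no solution exists, otherwise ((x0, y0), (dx, dy)):
    every solution is (x0 + k*dx, y0 + k*dy) for an integer k.
    """
    if a == 0 and b == 0:
        raise ValueError("degenerate equation: both coefficients are zero")
    g, s, t = ext_gcd(a, b)
    if c % g:
        return None                       # c is not a multiple of gcd(a, b)
    scale = c // g
    return (s * scale, t * scale), (b // g, -(a // g))


def integer_b_for(m, r, n):
    """For (m*a + r)/n == b: the smallest a >= 0 giving an integer b, or None."""
    sol = solve_linear(m, -n, -r)         # m*a - n*b == -r
    if sol is None:
        return None
    (a0, _), (da, _) = sol
    a = a0 % abs(da)                      # shift along the solution family
    return a, (m * a + r) // n
```

`integer_b_for(26, 5, 32)` returns `None`, matching the answer above; changing the constant to 6 (a constructed variant) gives `(1, 1)`.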