simple affine extractors using dimension expansion

Simple Affine Extractors using Dimension Expansion.

Matt DeVos and Ariel Gabizon

Vague Definition: A pseudorandom object(e.g. graph, function) has some nice property a random object would have with high probability.

For example: A graph that has no large cliquesor large independent sets. The field of pseudorandomness aims to

explicitly construct pseudorandom objects.

Pseudorandomness

Efficient

Det. Alg.

Explicitly constructing pseudorandom objects

bad objects

Universe of exp(n) objects

good object

Why do we want to explicitly construct pseudorandom objects?

-Insight into the computational power(lessnes) of randomness

-Useful tools in derandomizing algorithms (good example-expanders!)

Still, is constructing pseudorandom objects more meaningful than making money, or trying to become famous?

Thm: Pseudorandomness is meaningless Theoretical Computer Science is meaningless

NP machine

PNP by explicitly constructing pseudorandom objects

functions with poly-size circuits

functions on n bits

function in NP without poly-size

circuits

The nice property can usually be phrased as avoiding a not too large set of bad events.

Example: A function of high circuit complexity avoids the event `being computed by circuit C’ for all small circuits C.

Circuits are hard to understand – let’s first work with bad events that are easier to understand.

The bad event in this paper – a function that is biased on an affine subspace.

Affine Extractors

Finite field F, with |F|=q (q=pl for prime p)Vector Space Fn

An affine extractor is a coloring of Fn such that any large enough affine subspace is colored in a balanced way

For simplicit

y assume only 2 colors

Fn

Just to make sure..

An affine subspace XµFn of dim. k Defined by vectors a(1),…,a(k),b2Fn where a(1),

…,a(k) are independent

X={ (j=1 to k) tj¢a(j) + b|t1,…,tk2F}

Now, more formally.. An affine extractor for dim k, field size q

and error ² is a function D:Fn{0,1} such that for any affine

subspace XµFn of dim k |PrxX(D(x) =1 ) - ½|·²(We will omit ² from now on, think of it as 1/100)

Intuition: D `extracts’ a random bit for the uniform distribution on X.

1/100

Feeling the parameters..k-dimension of subspaceq- field size

k larger problem easier (need to be unbiased only on larger subspaces)

q smaller problem harder(subspaces have less structure - are closed under scalar multiplication from smaller field)

Random function D:Fn{0,1} is w.h.p an affine extractor when q=2 and k = 5¢logn

Previous results and ours: (explicit)G-Raz: Affine Extractor for all k¸1, when

q>n2.Bourgain: Affine Extractor for k=®¢n, for

any constant ®>0, and q=2. (exponentially small error)

Our result: Affine Extractor for all k¸1 , when q=((n/k)2)

Simple Construction and Proof! However: need char(F)=(n/k) (have weaker

result for arbitrary characteristic)

Warm UpSuppose q>n. How can we get a function

f:FnF that is non-constant on lines?

i.e, for every a0, b2Fn want g(t) , f(a¢t + b) = f(a1¢t + b1,…,an¢t + bn) to be a non-constant function

Answer: Take f(x1,..,xn) = i=1 to n) xii.

g(t) , f(a¢t + b) = i=1 to n) (ai¢t + bi)i

Note: ai0 for some i. Suppose that an0. g(t) is a non-constant polynomial of degree n.as q>n, this is a non-constant function on F.

(from G-Raz)

Quadratic Residue Function:QR:F{0,1} , QR(a) = 1 $9b2F such that b2=a

Thm[Weil]: Let F be a field of odd size q.Let g(t) be a non-constant polynomial over F of

odd degree d. Choose t2F randomly.. QR(g(t)) has bias at most d/q1/2

works for multivariate g too..

Weil’s Theorem

Subspace X of dim k defined by a(1),…,a(k),b

For f:FnF, define f|X (t1,..,tk) = f((j=1 to k) tj¢a(j) + b )

Using Weil: Poly f(X1,..,Xn) of degree d such that: f|X

constant for all X of dim kAffine Extractor for dim k and q»d2

`trick’: Using this view can multiply vectors

x,y2(Fq)n - not just add them!

Vector Space\Field Dualitynq

nq FF

Fix 1-1 Φ:(Fq)n -->Fqn s.t. ∀a,b∈Fqn s,t∈Fq: Φ(at+ bs) = Φ(a)∙t + Φ(b)∙s We identify the source output with an element

of Fqn:∑aj∙tj+b --> Φ[∑ aj∙tj+b] =∑Φ(aj)∙tj+Φ(b)(as tj ∈ Fq ) our source coincides with a multivariate

polynomial with coeff in Fqn

(from now omit Φ and think of aj∈Fqn )

Viewing the source over the `big’ field

Suppose we allow f|X to have coeff. in the `big field’ Fqn

can take f(x) = x.For any subspace X f|X (t1,..,tk) = (j=1 to k) aj¢tj + b is non-

constant.but to use Weil need f|X with coeff. in Fq

Idea- if coeff. of f|X span Fqn. over Fq – we can `project down to Fq’ without becoming zero\constant

A,B linear subspaces in Fqn

Dfn: A¢B,span{a¢b|a2A, b2B} (enough to take products of basis elements)

[Heur-Lieng-Xiang]Suppose n is prime. Then dim(A¢B)¸ min{dim(A)+dim(B)-1,n}

(analogous to the classic Cauchy-Davenport on Zp)

` dimension expansion of products of subspaces’

Thm: Suppose n is prime. Let T: Fqn Fq be any non-trivial Fq-linear map. Let d=n/(k-1). Suppose Char(F)>d. Let f(x)=T(xd).

Then for any affine subspace X of dim k,f|X is a non-constant poly of degree d with

coeff in Fq.Proof idea: When Char(F) is large enough,

coefficients of f|X are `independent products’ of basis elements.

kk

k

kk

k

ik

iik

i

dii k

ik

iik

i

dii k

dkkkX

ttaaTiid

ttaaiidT

tataTttf

11

1

11

1

11... 1

11... 1

111

)(!!

!

!!!

...),...,(|

over spans

}...|{

show Enough to

111

qnq

kik

i

FF

diiaa k

1} 1)j-(kmin{n,

k}1- 1 1)-1)(j-(kmin{n,)dim(A:HLXby Hence,

that Note 1.-jfor Assumetindependen are a,...,a : 1j

j)on (induction :Proof1} 1)j-(kmin{n,least at dimension has

:Claim

j

11

k1

111

AAA

j)i...|iaSpan(aA

jj

kik

ij

k

Open question: Similar results over F2

Relates to following: n is prime.V a linear subspace of dim k

in (F2)n , k>min{100logn,n/100}. t=┌2n/k┐. Vt ={x1+2+4+..+2^{t} | x2V}. Show that Vt spans (F2)n over F2.

Cauchy – DavenportA,B½Zp

A+B , {a+b| a2A, b2B}

C-D: |A+B| ¸ min{|A|+|B|-1,p}

C-D: |A+B| ¸ min{|A|+|B|-1,p}Proof: Induction on |A|.

|A|=1 : |A+B| = |B| (=|A|+|B|-1)

Induction step: Assume first that ; ( AÅB ( A

Using Inclusion-Exclusion + Ind. Hyp |AÅB + A[B| ¸ min{|AÅB| + |A[B| -1,p}

= min{|A| +|B| -1,p}Done as AÅB + A[B ½ A+B

justify assumption ; ( AÅB (A:w.l.g: 02A,B (can replace A by –a +A, for

some a2A. This does not change |A+B|)|A|>1 , so can fix 0≠a2A.If B=Zp we are done.Otherwise, fix first c s.t. c∙a ∉B.Replace B by –(c-1)∙a + B.We have 02B but a∉B. (which justifies

above assumption)