Cook-Levin Theorem. SAT is NP-complete

Transcription

1 Cook-Levin Theorem SAT is NP-complete In other words SAT NP A NP A P SAT 1

2 Consider any A NP NTM N that decides A in polytime n k For any input w Σ * valid tableau of configurations 2

3 Properties of an Accepting Tableau There is exactly one symbol in each cell The first row is the ( legal ) start configuration Every subsequent row is generated legally One of these rows is an accepting configuration 3

4 Proof Idea Given N and w construct a Boolean formula that is satisfiable exactly when N has an accepting tableau on input w 4

5 Constructing the formula Define Boolean formula with variables x ijs for 1 i n k 1 j n k s State Set Tape Alphabet Delimiter Want following semantics: x ijs is T iff cell (i, j) contains symbol s for some valid accepting tableau 5

6 represent valid accepting tableau with a satisfiable Boolean formula Φ cell Φ start Φ move Φ accept where Φ cell exactly one symbol per cell Φ start legal starting configuration Φ move legal moves Φ accept legal accepting configuration 6

7 represent valid accepting tableau with Boolean formula Φcell Φstart Φmove Φaccept 7

8 represent valid tableau with a Boolean formula with components Φ cell exactly one symbol per cell for any pair (i,j) the cell contains at least one symbol the cell contains at most one symbol 8

9 represent valid tableau with a Boolean formula with components Φ cell exactly one symbol per cell Φ start legal starting configuration 9

10 represent valid accepting tableau with a Boolean formula with components Φ cell exactly one symbol per cell Φ start legal starting configuration Φ move legal moves Φ accept legal accepting configuration 10

11 Φ move legal moves represented by legal 2 x 3 windows 11

12 Claim: IF start config is valid and every 2 x 3 window is valid THEN tableau is valid all changes are legal # a b q1 b c # a q2 b c c 12

13 Claim: IF start config is valid and every 2 x 3 window is valid THEN tableau is valid all changes are legal # a b q1 b c # a q2 b c c 13

14 Claim: IF start config is valid and every 2 x 3 window is valid THEN tableau is valid all changes are legal illegal changes are prevented # a b q1 b c # a q2 b c c 14

15 Claim: IF start config is valid and every 2 x 3 window is valid THEN tableau is valid all changes are legal illegal changes are prevented # a b q1 b c # a q2 b c c 15

16 SAT is NP-complete w Σ * w A there is a valid accepting tableau constructed formula is SATISFIABLE Corollary 7.42: 3SAT is NP-complete 16

17 SUBSET-SUM is NP-complete 17

18 HAMPATH is NP-complete 18

19 SAT P P = NP 3SAT P P = NP CLIQUE P P = NP VERTEX-COVER P P = NP HAMPATH P P = NP SUBSET-SUM P P = NP 19

20 HALTTM = { M, w : M is a TM that halts on input w} 3SAT P HALTTM HALTTM is NP-hard However HALTTM is not NP-complete 20

21 NP-hard NP-complete NP P All languages 21

22 If P = NP then you can factor any Define language integer in polytime FACTOR = { x, a, b x, a, b Z FACTOR NP. and x has a factor p Z st a p b} Therefore by assumption, FACTOR P Idea: Do a binary search to determine factor by setting initial interval [1, x ] 22

23 NP-hard NP-complete NP P All languages 23

24 COMPOSITES NP Surprising fact: PRIMES P 24

25 A whirlwind tour through Modern Cryptography! 25

26 Sharing Secrets Steganography vs Cryptography 26

27 Scytale 27

28 Caesar Cipher A B C D E F G H I J K L M Z Y X V U N O P Q R S T A B C D E F G H I J K L M Z Y X V U N O P Q R S T 28

29 Cryptosystem 5 tuple (P, C, K, E, D) P: Set of all plaintext strings C: Set of all ciphertext strings K: Set of all keys called keyspace E: Set of all encryption functions; each indexed by a key E k E D: Set of all decryption functions; each indexed by a key D k D k K p P Dk( Ek (p)) = p 29

30 Shift Ciphers English alphabet represented by Z26 Encryption: p + k mod 26 Decryption: c - k mod 26 30

31 Shift Ciphers 5 tuple (P, C, K, E, D) P = C = Z 26 K = Z 26 E: Set of all encryption functions E k (p)= p + k mod 26 D: Set of all decryption functions D k (c)= c - k mod 26 31

32 Affine Ciphers 5 tuple (P, C, K, E, D) P = C = Z 26 K = Z * 26 x Z 26 E: Set of all encryption functions E a,k (p)= ap + k mod 26 D: Set of all decryption functions D a,k (c)= a -1 (c - k) mod 26 gcd(a, 26) = 1 32

33 How to Break Cryptosystems Cryptanalysis 33

34 Monoalphabet Ciphers Vulnerable to: Frequency analysis Alternative: transposition ciphers 34

35 Symmetric Ciphers shared key cryptosystems State of the art: AES implemented in secure file transfer protocols (HTTPS, SFTP) 35