TY - GEN

T1 - If NP languages are hard on the worst-case then it is easy to find their hard instances

AU - Gutfreund, Dan

AU - Shaltiel, Ronen

AU - Ta-Shma, Amnon

PY - 2005

Y1 - 2005

N2 - We prove that if NP ⊈ BPP, i.e., if some NP-complete language is worst-case hard, then for every probabilistic algorithm trying to decide the language, there exists some polynomially samplable distribution that is hard for it. That is, the algorithm often errs on inputs from this distribution. This is the first worst-case to average-case reduction for NP of any kind. We stress however, that this does not mean that there exists one fixed samplable distribution that is hard for all probabilistic polynomial time algorithms, which is a pre-requisite assumption needed for OWF and cryptography (even if not a sufficient assumption). Nevertheless, we do show that there is a fixed distribution on instances of NP-complete languages, that is samplable in quasi-polynomial time and is hard for all probabilistic polynomial time algorithms (unless NP is easy in the worst-case). Our results are based on the following lemma that may be of independent interest: Given the description of an efficient (probabilistic) algorithm that fails to solve SAT in the worst-case, we can efficiently generate at most three Boolean formulas (of increasing lengths) such that the algorithm errs on at least one of them.

AB - We prove that if NP ⊈ BPP, i.e., if some NP-complete language is worst-case hard, then for every probabilistic algorithm trying to decide the language, there exists some polynomially samplable distribution that is hard for it. That is, the algorithm often errs on inputs from this distribution. This is the first worst-case to average-case reduction for NP of any kind. We stress however, that this does not mean that there exists one fixed samplable distribution that is hard for all probabilistic polynomial time algorithms, which is a pre-requisite assumption needed for OWF and cryptography (even if not a sufficient assumption). Nevertheless, we do show that there is a fixed distribution on instances of NP-complete languages, that is samplable in quasi-polynomial time and is hard for all probabilistic polynomial time algorithms (unless NP is easy in the worst-case). Our results are based on the following lemma that may be of independent interest: Given the description of an efficient (probabilistic) algorithm that fails to solve SAT in the worst-case, we can efficiently generate at most three Boolean formulas (of increasing lengths) such that the algorithm errs on at least one of them.

UR - http://www.scopus.com/inward/record.url?scp=27644467414&partnerID=8YFLogxK

U2 - 10.1109/CCC.2005.11

DO - 10.1109/CCC.2005.11

M3 - Conference contribution

AN - SCOPUS:27644467414

SN - 0769523641

T3 - Proceedings of the Annual IEEE Conference on Computational Complexity

SP - 243

EP - 257

BT - Proceedings of the 20th Annual IEEE Conference on Computational Complexity

T2 - 20th Annual IEEE Conference on Computational Complexity

Y2 - 11 June 2005 through 15 June 2005

ER -