-
Lower Bounds for Leader Election and Collective Coin Flipping, Revisited
Authors:
Eshan Chattopadhyay,
Mohit Gurumukhani,
Noam Ringach,
Rocco Servedio
Abstract:
We study the tasks of collective coin flipping and leader election in the full-information model.
We prove new lower bounds for coin flipping protocols, implying lower bounds for leader election protocols. We show that any $k$-round coin flipping protocol, where each of $\ell$ players sends 1 bit per round, can be biased by $O(\ell/\log^{(k)}(\ell))$ bad players. For all $k>1$ this strengthens p…
▽ More
We study the tasks of collective coin flipping and leader election in the full-information model.
We prove new lower bounds for coin flipping protocols, implying lower bounds for leader election protocols. We show that any $k$-round coin flipping protocol, where each of $\ell$ players sends 1 bit per round, can be biased by $O(\ell/\log^{(k)}(\ell))$ bad players. For all $k>1$ this strengthens previous lower bounds [RSZ, SICOMP 2002], which ruled out protocols resilient to adversaries controlling $O(\ell/\log^{(2k-1)}(\ell))$ players. Consequently, we establish that any protocol tolerating a linear fraction of corrupt players, with only 1 bit per round, must run for at least $\log^*\ell-O(1)$ rounds, improving on the prior best lower bound of $\frac12 \log^*\ell-\log^*\log^*\ell$. This lower bound matches the number of rounds, $\log^*\ell$, taken by the current best coin flipping protocols from [RZ, JCSS 2001], [F, FOCS 1999] that can handle a linear sized coalition of bad players, but with players sending unlimited bits per round. We also derive lower bounds for protocols allowing multi-bit messages per round. Our results show that the protocols from [RZ, JCSS 2001], [F, FOCS 1999] that handle a linear number of corrupt players are almost optimal in terms of round complexity and communication per player in a round.
A key technical ingredient in proving our lower bounds is a new result regarding biasing most functions from a family of functions using a common set of bad players and a small specialized set of bad players specific to each function that is biased.
We give improved constant-round coin flipping protocols in the setting that each player can send 1 bit per round. For two rounds, our protocol can handle $O(\ell/(\log\ell)(\log\log\ell)^2)$ sized coalition of bad players; better than the best one-round protocol by [AL, Combinatorica 1993] in this setting.
△ Less
Submitted 2 April, 2025;
originally announced April 2025.
-
Local Enumeration: The Not-All-Equal Case
Authors:
Mohit Gurumukhani,
Ramamohan Paturi,
Michael Saks,
Navid Talebanfard
Abstract:
Gurumukhani et al. (CCC'24) proposed the local enumeration problem Enum(k, t) as an approach to break the Super Strong Exponential Time Hypothesis (SSETH): for a natural number $k$ and a parameter $t$, given an $n$-variate $k$-CNF with no satisfying assignment of Hamming weight less than $t(n)$, enumerate all satisfying assignments of Hamming weight exactly $t(n)$. Furthermore, they gave a randomi…
▽ More
Gurumukhani et al. (CCC'24) proposed the local enumeration problem Enum(k, t) as an approach to break the Super Strong Exponential Time Hypothesis (SSETH): for a natural number $k$ and a parameter $t$, given an $n$-variate $k$-CNF with no satisfying assignment of Hamming weight less than $t(n)$, enumerate all satisfying assignments of Hamming weight exactly $t(n)$. Furthermore, they gave a randomized algorithm for Enum(k, t) and employed new ideas to analyze the first non-trivial case, namely $k = 3$. In particular, they solved Enum(3, n/2) in expected $1.598^n$ time. A simple construction shows a lower bound of $6^{\frac{n}{4}} \approx 1.565^n$.
In this paper, we show that to break SSETH, it is sufficient to consider a simpler local enumeration problem NAE-Enum(k, t): for a natural number $k$ and a parameter $t$, given an $n$-variate $k$-CNF with no satisfying assignment of Hamming weight less than $t(n)$, enumerate all Not-All-Equal (NAE) solutions of Hamming weight exactly $t(n)$, i.e., those that satisfy and falsify some literal in every clause. We refine the algorithm of Gurumukhani et al. and show that it optimally solves NAE-Enum(3, n/2), namely, in expected time $poly(n) \cdot 6^{\frac{n}{4}}$.
△ Less
Submitted 6 January, 2025;
originally announced January 2025.
-
On Extremal Properties of k-CNF: Capturing Threshold Functions
Authors:
Mohit Gurumukhani,
Marvin Künnemann,
Ramamohan Paturi
Abstract:
We consider a basic question on the expressiveness of $k$-CNF formulas: How well can $k$-CNF formulas capture threshold functions? Specifically, what is the largest number of assignments (of Hamming weight $t$) accepted by a $k$-CNF formula that only accepts assignments of weight at least $t$? Among others, we provide the following results:
- While an optimal solution is known for $t \leq n/k$,…
▽ More
We consider a basic question on the expressiveness of $k$-CNF formulas: How well can $k$-CNF formulas capture threshold functions? Specifically, what is the largest number of assignments (of Hamming weight $t$) accepted by a $k$-CNF formula that only accepts assignments of weight at least $t$? Among others, we provide the following results:
- While an optimal solution is known for $t \leq n/k$, the problem remains open for $t > n/k$. We formulate a (monotone) version of the problem as an extremal hypergraph problem and show that for $t = n-k$, the problem is exactly the Turán problem.
- For $t = αn$ with constant $α$, we provide a construction and show its optimality for $2$-CNF. Optimality of the construction for $k>2$ would give improved lower bounds for depth-$3$ circuits.
△ Less
Submitted 29 December, 2024;
originally announced December 2024.
-
Condensing and Extracting Against Online Adversaries
Authors:
Eshan Chattopadhyay,
Mohit Gurumukhani,
Noam Ringach,
Rocco Servedio
Abstract:
We investigate the tasks of deterministically condensing and extracting randomness from Online Non-Oblivious Symbol Fixing (oNOSF) sources, a natural model of defective random sources for which extraction is impossible in many parameter regimes [AORSV, EUROCRYPT'20]. A $(g,\ell)$-oNOSF source is a sequence of $\ell$ blocks where $g$ of the blocks are good (are independent and have some min-entropy…
▽ More
We investigate the tasks of deterministically condensing and extracting randomness from Online Non-Oblivious Symbol Fixing (oNOSF) sources, a natural model of defective random sources for which extraction is impossible in many parameter regimes [AORSV, EUROCRYPT'20]. A $(g,\ell)$-oNOSF source is a sequence of $\ell$ blocks where $g$ of the blocks are good (are independent and have some min-entropy), and the remaining bad blocks are controlled by an online adversary - can be arbitrarily correlated with any block that appears before it.
The existence of condensers for oNOSF sources was recently studied in [CGR, FOCS'24]. They proved various condensing impossibility results, and showed the existence of condensers when $n\gg\ell$.
We make significant progress on proving the existence of condensers in almost all parameter regimes, even when $n$ is a large constant and $\ell$ is growing. We next construct the first explicit condensers for oNOSF sources, matching the existential results of [CGR, FOCS'24]. We also obtain a much improved construction for transforming low-entropy oNOSF sources into uniform oNOSF sources.
We find interesting applications of our results to collective coin flipping and collective sampling, problems that are well-studied in fault-tolerant distributed computing. We use our condensers to provide very simple protocols for these problems.
Next, we turn to understanding the possibility of extraction from oNOSF sources. We initiate the study of a new, natural notion of the influence of functions, which we call online influence. We establish tight bounds on the online influence of functions, which imply extraction lower bounds. Lastly, we give explicit extractor constructions for oNOSF sources, using novel connections to leader election protocols. These extractors achieve parameters that go beyond standard resilient functions [AL, Combinatorica'93].
△ Less
Submitted 2 April, 2025; v1 submitted 6 November, 2024;
originally announced November 2024.
-
Two-Sided Lossless Expanders in the Unbalanced Setting
Authors:
Eshan Chattopadhyay,
Mohit Gurumukhani,
Noam Ringach,
Yunya Zhao
Abstract:
We present the first explicit construction of two-sided lossless expanders in the unbalanced setting (bipartite graphs that have polynomially many more nodes on the left than on the right).
Prior to our work, all known explicit constructions in the unbalanced setting achieved only one-sided lossless expansion.
Specifically, we show that the one-sided lossless expanders constructed by Kalev and…
▽ More
We present the first explicit construction of two-sided lossless expanders in the unbalanced setting (bipartite graphs that have polynomially many more nodes on the left than on the right).
Prior to our work, all known explicit constructions in the unbalanced setting achieved only one-sided lossless expansion.
Specifically, we show that the one-sided lossless expanders constructed by Kalev and Ta-Shma (RANDOM'22) -- that are based on multiplicity codes introduced by Kopparty, Saraf, and Yekhanin (STOC'11) -- are, in fact, two-sided lossless expanders. Moreover, we show that our result is tight, thus completely characterizing the graph of Kalev and Ta-Shma.
Using our unbalanced bipartite expander, we easily obtain lossless (non-bipartite) expander graphs on $N$ vertices with polynomial degree $\ll N$ and expanding sets of size $N^{0.49}$.
△ Less
Submitted 9 February, 2025; v1 submitted 6 September, 2024;
originally announced September 2024.
-
Local Enumeration and Majority Lower Bounds
Authors:
Mohit Gurumukhani,
Ramamohan Paturi,
Pavel Pudlák,
Michael Saks,
Navid Talebanfard
Abstract:
Depth-3 circuit lower bounds and $k$-SAT algorithms are intimately related; the state-of-the-art $Σ^k_3$-circuit lower bound and the $k$-SAT algorithm are based on the same combinatorial theorem. In this paper we define a problem which reveals new interactions between the two. Define Enum($k$, $t$) problem as: given an $n$-variable $k$-CNF and an initial assignment $α$, output all satisfying assig…
▽ More
Depth-3 circuit lower bounds and $k$-SAT algorithms are intimately related; the state-of-the-art $Σ^k_3$-circuit lower bound and the $k$-SAT algorithm are based on the same combinatorial theorem. In this paper we define a problem which reveals new interactions between the two. Define Enum($k$, $t$) problem as: given an $n$-variable $k$-CNF and an initial assignment $α$, output all satisfying assignments at Hamming distance $t$ from $α$, assuming that there are no satisfying assignments of Hamming distance less than $t$ from $α$. Observe that: an upper bound $b(n, k, t)$ on the complexity of Enum($k$, $t$) implies:
- Depth-3 circuits: Any $Σ^k_3$ circuit computing the Majority function has size at least $\binom{n}{\frac{n}{2}}/b(n, k, \frac{n}{2})$.
- $k$-SAT: There exists an algorithm solving $k$-SAT in time $O(\sum_{t = 1}^{n/2}b(n, k, t))$.
A simple construction shows that $b(n, k, \frac{n}{2}) \ge 2^{(1 - O(\log(k)/k))n}$. Thus, matching upper bounds would imply a $Σ^k_3$-circuit lower bound of $2^{Ω(\log(k)n/k)}$ and a $k$-SAT upper bound of $2^{(1 - Ω(\log(k)/k))n}$. The former yields an unrestricted depth-3 lower bound of $2^{ω(\sqrt{n})}$ solving a long standing open problem, and the latter breaks the Super Strong Exponential Time Hypothesis.
In this paper, we propose a randomized algorithm for Enum($k$, $t$) and introduce new ideas to analyze it. We demonstrate the power of our ideas by considering the first non-trivial instance of the problem, i.e., Enum($3$, $\frac{n}{2}$). We show that the expected running time of our algorithm is $1.598^n$, substantially improving on the trivial bound of $3^{n/2} \simeq 1.732^n$. This already improves $Σ^3_3$ lower bounds for Majority function to $1.251^n$. The previous bound was $1.154^n$ which follows from the work of Håstad, Jukna, and Pudlák (Comput. Complex.'95).
△ Less
Submitted 23 May, 2024; v1 submitted 14 March, 2024;
originally announced March 2024.
-
On the Existence of Seedless Condensers: Exploring the Terrain
Authors:
Eshan Chattopadhyay,
Mohit Gurumukhani,
Noam Ringach
Abstract:
We prove several new results for seedless condensers in the context of three related classes of sources: Non-Oblivious Symbol Fixing (NOSF) sources, online NOSF (oNOSF) sources [AORSV, EUROCRYPT'20], and adversarial Chor-Goldreich (aCG) source [DMOZ, STOC'23]. We think of these sources as a sequence of random variables $\mathbf{X}=\mathbf{X}_1,\dots,\mathbf{X}_\ell$ on $\ell$ symbols where at leas…
▽ More
We prove several new results for seedless condensers in the context of three related classes of sources: Non-Oblivious Symbol Fixing (NOSF) sources, online NOSF (oNOSF) sources [AORSV, EUROCRYPT'20], and adversarial Chor-Goldreich (aCG) source [DMOZ, STOC'23]. We think of these sources as a sequence of random variables $\mathbf{X}=\mathbf{X}_1,\dots,\mathbf{X}_\ell$ on $\ell$ symbols where at least $g$ out of these $\ell$ symbols are "good" (i.e., have some min-entropy requirement), denoted as a $(g,\ell)$-source, and the remaining "bad" $\ell-g$ symbols may adversarially depend on these $g$ good blocks. The difference between each of these sources is realized by restrictions on the power of the adversary. Prior to our work, the only known seedless condenser upper or lower bound in these settings is due to [DMOZ, STOC'23], where they explicitly construct a seedless condenser for a restricted subset of $(g,\ell)$-aCG sources.
We show:
1) oNOSF sources
a) When $g\leq\ell/2$, we prove that condensing with error 0.99 above rate $\frac{1}{\lfloor \ell/g \rfloor}$ is impossible. In fact, we show that this is tight.
b) For $g> \ell/2$, we show the existence of excellent condensers for uniform oNOSF sources. In addition, we show the existence of similar condensers for oNOSF sources with only logarithmic min-entropy.
2) aCG sources
a) We observe that uniform aCG sources are equivalent to uniform oNOSF sources and consequently inherit the same results.
b) We show that one cannot condense beyond the min-entropy gap of each block or condense low min-entropy CG sources above rate $1/2$.
3) NOSF sources
a) We show that condensing with constant error above rate $\frac{g}{\ell}$ is impossible for uniform NOSF sources for any $g$ and $\ell$, thus ruling out the possibility of any non-trivial condensing. This shows a distinction between NOSF sources and oNOSF sources.
△ Less
Submitted 2 October, 2024; v1 submitted 22 December, 2023;
originally announced December 2023.
-
Extractors for Polynomial Sources over $\mathbb{F}_2$
Authors:
Eshan Chattopadhyay,
Jesse Goodman,
Mohit Gurumukhani
Abstract:
We explicitly construct the first nontrivial extractors for degree $d \ge 2$ polynomial sources over $\mathbb{F}_2^n$. Our extractor requires min-entropy $k\geq n - \tildeΩ(\sqrt{\log n})$. Previously, no constructions were known, even for min-entropy $k\geq n-1$. A key ingredient in our construction is an input reduction lemma, which allows us to assume that any polynomial source with min-entropy…
▽ More
We explicitly construct the first nontrivial extractors for degree $d \ge 2$ polynomial sources over $\mathbb{F}_2^n$. Our extractor requires min-entropy $k\geq n - \tildeΩ(\sqrt{\log n})$. Previously, no constructions were known, even for min-entropy $k\geq n-1$. A key ingredient in our construction is an input reduction lemma, which allows us to assume that any polynomial source with min-entropy $k$ can be generated by $O(k)$ uniformly random bits.
We also provide strong formal evidence that polynomial sources are unusually challenging to extract from, by showing that even our most powerful general purpose extractors cannot handle polynomial sources with min-entropy below $k\geq n-o(n)$. In more detail, we show that sumset extractors cannot even disperse from degree $2$ polynomial sources with min-entropy $k\geq n-O(n/\log\log n)$. In fact, this impossibility result even holds for a more specialized family of sources that we introduce, called polynomial non-oblivious bit-fixing (NOBF) sources. Polynomial NOBF sources are a natural new family of algebraic sources that lie at the intersection of polynomial and variety sources, and thus our impossibility result applies to both of these classical settings. This is especially surprising, since we do have variety extractors that slightly beat this barrier - implying that sumset extractors are not a panacea in the world of seedless extraction.
△ Less
Submitted 31 January, 2024; v1 submitted 19 September, 2023;
originally announced September 2023.
