Cook-Levin Theorem
SAT is NP-complete
In other words
• SAT ∈ NP
• ∀ A ∈ NP: A ≤_P SAT
1
Consider any A ∈ NP
∃ NTM N that decides A in polytime n^k
For any input w ∈ Σ*
valid tableau of configurations
2
Properties of an Accepting Tableau
There is exactly one symbol in each cell
The first row is the (‘legal’) start configuration
Every subsequent row is generated ‘legally’
One of these rows is an accepting configuration
3
Proof Idea
Given N and w
construct a Boolean formula that
is satisfiable exactly when
N has an accepting tableau on
input w
4
Constructing the formula
Define Boolean formula
with variables x_{i,j,s} for
• 1 ≤ i ≤ n^k
• 1 ≤ j ≤ n^k
• s ∈ State Set ∪ Tape Alphabet ∪ Delimiter
Want following semantics:
x_{i,j,s} is T iff cell (i, j) contains symbol s
for some valid accepting tableau
5
represent valid accepting tableau with a
satisfiable Boolean formula
Φcell ∧ Φstart ∧ Φmove ∧ Φaccept
where
• Φcell
• exactly one symbol per cell
• Φstart
• legal starting configuration
• Φmove
• legal moves
• Φaccept
• legal accepting configuration
6
represent valid tableau with a
Boolean formula with components
• Φcell
• exactly one symbol per cell
for any pair (i,j)
the cell contains at least one symbol
the cell contains at most one symbol
8
represent valid tableau with a Boolean
formula with components
• Φcell
• exactly one symbol per cell
• Φstart
• legal starting configuration
9
represent valid accepting tableau with a
Boolean formula with components
• Φcell
• exactly one symbol per cell
• Φstart
• legal starting configuration
• Φmove
• legal moves
• Φaccept
• legal accepting configuration
10
• Φmove
• legal moves represented by legal 2 x 3 windows
11
Claim:
IF start config is valid
and every 2 x 3 window is valid
THEN tableau is valid
• all changes are legal
# a b q1 b c
# a q2 b c c
⊔ ⊔ ⊔ ⊔ ⊔ ⊔
⊔ ⊔ ⊔ ⊔ ⊔ ⊔
12
Claim:
IF start config is valid
and every 2 x 3 window is valid
THEN tableau is valid
• all changes are legal
• illegal changes are prevented
# a b q1 b c
# a q2 b c c
⊔ ⊔ ⊔ ⊔ ⊔ ⊔
⊔ ⊔ ⊔ ⊔ ⊔ ⊔
14
SAT is NP-complete
∀ w ∈ Σ*: w ∈ A
⟺ there is a valid accepting tableau
⟺ constructed formula is SATISFIABLE
Corollary 7.42: 3SAT is NP-complete
16
SUBSET-SUM is NP-complete
17
HAMPATH is NP-complete
18
SAT ∈ P
P = NP
3SAT ∈ P
P = NP
CLIQUE ∈ P
VERTEX-COVER ∈ P
HAMPATH ∈ P
SUBSET-SUM ∈ P
19
P = NP
P = NP
P = NP
P = NP
HALT_TM = { M, w : M is a TM that halts on input w }
3SAT ≤_P HALT_TM
HALT_TM is NP-hard
However HALT_TM is not NP-complete
20
NP-hard
NP-complete
NP
P
All languages
21
If P = NP then you can factor any
integer in polytime
Define language
FACTOR = { x, a, b | x, a, b ∈ ℤ and x has a factor p ∈ ℤ s.t. a ≤ p ≤ b }
FACTOR ∈ NP.
Therefore by assumption, FACTOR ∈ P
Idea: Do a binary search to determine factor by
setting initial interval [1, ⌊√x⌋]
22
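Added example (not from the original slides): the binary search sketched on the FACTOR slide, turned into a search-to-decision reduction in Python. The names CountingOracle, find_factor and factorize are hypothetical, the oracle is a brute-force stand-in for the polytime decider that P = NP would give, and the search starts at 2 rather than 1 to skip the trivial factor.

```python
from math import isqrt


class CountingOracle:
    """Brute-force stand-in (assumption) for a polytime decider of FACTOR.

    Answers: does x have a factor p with a <= p <= b?  Counts its calls so
    the number of queries made by the reduction can be inspected.
    """

    def __init__(self):
        self.calls = 0

    def __call__(self, x, a, b):
        self.calls += 1
        return any(x % p == 0 for p in range(a, b + 1))


def find_factor(x, in_factor):
    """Smallest factor p of x with 2 <= p <= floor(sqrt(x)), or None if x is prime."""
    lo, hi = 2, isqrt(x)
    if lo > hi or not in_factor(x, lo, hi):
        return None  # no nontrivial factor up to sqrt(x): x is prime
    # Invariant: [lo, hi] contains a factor and [2, lo - 1] contains none.
    while lo < hi:
        mid = (lo + hi) // 2
        if in_factor(x, lo, mid):
            hi = mid        # a factor lies in the lower half
        else:
            lo = mid + 1    # lower half is empty, so it lies in the upper half
    return lo               # smallest factor >= 2, hence prime


def factorize(x, in_factor):
    """Prime factorization of x >= 2 using only membership queries to FACTOR."""
    factors = []
    while (p := find_factor(x, in_factor)) is not None:
        factors.append(p)
        x //= p
    factors.append(x)       # the remaining cofactor is prime
    return factors


if __name__ == "__main__":
    oracle = CountingOracle()
    print(factorize(10403, oracle), "oracle calls:", oracle.calls)
```

Each call to find_factor makes O(log x) oracle queries, so the whole factorization uses polynomially many queries in the bit length of x.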
COMPOSITES ∈ NP
Surprising fact:
PRIMES ∈ P
24
A whirlwind tour through
Modern Cryptography!
25
Sharing Secrets
Steganography vs Cryptography
26
Scytale
27
Caesar Cipher
[Figure: Caesar cipher alphabet diagram]
28
Cryptosystem
5 tuple (𝒫, 𝒞, 𝒦, ℰ, 𝒟)
𝒫: Set of all plaintext strings
𝒞: Set of all ciphertext strings
𝒦: Set of all keys called keyspace
ℰ: Set of all encryption functions; each indexed by a key Ek ∈ ℰ
𝒟: Set of all decryption functions; each indexed by a key Dk ∈ 𝒟
∀k ∈ 𝒦 ∀p ∈ 𝒫 Dk( Ek (p)) = p
29
Shift Ciphers
English alphabet represented by ℤ26
Encryption: p + k mod 26
Decryption: c - k mod 26
30
Shift Ciphers
5 tuple (𝒫, 𝒞, 𝒦, ℰ, 𝒟)
𝒫 = 𝒞 = ℤ26
𝒦 = ℤ26
ℰ: Set of all encryption functions
Ek(p)= p + k mod 26
𝒟: Set of all decryption functions
Dk(c)= c - k mod 26
31
Affine Ciphers
5 tuple (𝒫, 𝒞, 𝒦, ℰ, 𝒟)
𝒫 = 𝒞 = ℤ26
𝒦 = ℤ*26 x ℤ26
ℰ: Set of all encryption functions
Ea,k(p)= ap + k mod 26
𝒟: Set of all decryption functions
Da,k(c)= a⁻¹(c - k) mod 26
gcd(a, 26) = 1
32
How to Break Cryptosystems
Cryptanalysis
33
Monoalphabet Ciphers
Vulnerable to: Frequency analysis
Alternative: transposition ciphers
34
Symmetric Ciphers
shared key cryptosystems
State of the art: AES
implemented in secure file transfer
protocols (HTTPS, SFTP)
35