ON THE COMPLEXITY OF MATRIX GROUP PROBLEMS I
László Babai*
Dept. Algebra
Eötvös University
Budapest, Hungary H-1088
Endre Szemerédi
Mathematical Institute of the
Hungarian Academy of Sciences
Budapest, Hungary H-1053
ABSTRACT

We build a theory of black box groups, and apply it to matrix groups over finite fields. Elements of a black box group are encoded by strings of uniform length and group operations are performed by an oracle. Subgroups are given by a list of generators. We prove that for such subgroups, membership and divisor of the order are in NP^B. (B is the group box oracle.) Under a plausible mathematical hypothesis on short presentations of finite simple groups, nonmembership and exact order will also be in NP^B and thus in NP^B ∩ coNP^B. In another paper we shall prove without any unproven hypothesis that the order of a group and thus nonmembership can be certified in a statistical sense (Arthur vs. Merlin games) and therefore is in NP^{B,A} for a random oracle A (with probability 1). This puts membership in matrix groups over finite fields in NP^A ∩ coNP^A for a random oracle A. Full details will appear in COMBINATORICA.

0. INTRODUCTION.

0.1. A (finite) group may be given in many different ways. Natural questions such as membership, order, isomorphism will be of varying difficulty, depending on the representation. The least succinct of the commonly used representations is by Cayley table (multiplication table). In this case, membership in and order of subgroups generated by a given list of elements are easy. Isomorphism is subexponential but not known to be polynomial time decidable. On the other end of the scale are presentations (in terms of generators and relations). Classical results tell us that membership in a subgroup, order (even whether the order is equal to 1), and isomorphism are all undecidable.

Decidable but apparently very difficult questions arise if our group is given as the Galois group of an equation. Determining the order of this group is not known to be in PSPACE. Determining the order of the automorphism group of a finite structure is polynomial time Turing-equivalent to graph isomorphism which is clearly in NP, unlikely to be NP-complete but not known to be in or near coNP either.

The class of group representations that has received the most attention in complexity theory lately is permutation groups, given by generators. Membership and order are polynomial time decidable. Isomorphism remains difficult. It is in PSPACE (in fact, in Σ₂^P). It is not known to be NP-hard but is clearly at least as difficult as isomorphism of groups given by Cayley tables.

0.2. An interesting class of groups, and the main focus of the present paper, is matrix groups over finite fields, given by generators. The problems here are clearly at least as hard as the corresponding problems for permutation groups, and quite likely substantially harder. Already for one by one matrices over the field of p elements, representing an element as a power of another is the discrete logarithm problem mod p. This observation appears to indicate that even for the simplest problems (membership, order), the best we may expect is putting them in NP ∩ coNP.

*This work was done while visiting Dept. Math., Simon Fraser University, Burnaby, B.C., Canada. Currently visiting Dept. Computer Science, Univ. of Chicago, Chicago, IL 60637.

0.3.
The matrix group membership problem is deciding the complexity of the class {(g,G) : g ∈ G}.
0272-5428/84/0000/0229$01.00 © 1984 IEEE
We shall consider the following problems.
Here and throughout the paper,
given by a list of generators.
is a group
G
The dimension
d
in
and a reasonable representation (of length
O(log q)) of the field
problem instance.
is in
It is understood, that
{(d,GF(q),g,G)
divisor of order:
We shall also consider
c
{(n,G): n
just guess m = |G| and verify
I
NP
I
|G| = n}.
substantially more transparent in this context.
Most significantly, we shall be able to handle
factor groups of matrix groups as black box groups.
This is the key technique in the proof of our main
result, Theorem 9.1 (lower
.
(a)
Exact order is in
(b)
Both upper and lower bound are in
NP
(c)
Both upper and lower bound are in
coNP
Exact order is in coNP ∩ NP.
(e) Both divisor and multiple are in
.
.
1.
(d)
Also, if exact order is in
NP
∩
coNP
.
NP
is
|G| then
g
G, otherwise
g
g
and
(
G
.
strings of length
G.)
where
These observations remain valid relative to
b
and
c
0-1
.
a seven-tuple
B = (b, c, inv, prod, id, G_B,
f_B)
are positive integers (b is the
code length, c is the witness exponent) and
any oracle.
Isomorphism means {(G,H): G and H are
isomorphic}.
b
A group box is
Definition 1.1.
If it
denote the set of
S(b) = {0,1}^b
Let
then member-
(Guess and verify the
order of the group generated by
BLACK BOX GROUPS.
.
NP
bound on order).
0.6.
For lack of space we had to omit most proofs.
Even the main result
(Theorem 9.1) is no exception.
We hope, however, that sufficient detail has been
included to enable the reader to understand the new
concepts and central ideas.
Clearly,
the following are equivalent.
NP
Proofs of our matrix group results become
oracle.
.
Exact order means {(n,G):
This is a common
strings and group operations are performed by an
n ≤ m |G|.)
bound is in coNP precisely
bound is in NP
10.1
groups where group elements are represented by
n ≤ |G|,
Upper bound on order means {(n,G): |G| ≤ n}.
Multiple of order is {(n,G): |G| | n}. Upper bound
reduces to multiple as lower bound to divisor.
Observe that upper
coNP (Theorems 9.1,
generalization of permutation groups and matrix
(To prove that
then so is the lower bound.
n
Black box groups.
0.5.
n | |G|}.
2,
NP
and 11.4).
Clearly, if the divisor problem is in
is in
[Ea 21.)
(11.1), it follows that exact order and thus
membership are in
G} (g ∈ GL(d,q) ≥ G).
{(n,G): n ≥ 2, n ≤ |G|}.
ship
.
A
on short presentations of finite simple groups
Lower bound on order means the class
if lower
A
Hence it
Assuming the truth of a plausible conjecture
In a similar sense, nonmembership is the class
f
coNP^A for a random oracle
oracles will appear elsewhere,
:
g ∈ G ≤ GL(d,q)}.
{(g,G): g
NP^A for a random oracle
(Proofs of the results involving random
So, strictly speaking, we consider
G ≤ GL(d,q).
the complexity of the class
Theorems 6.1 and 9.1).
5.18,
(with probability 1) (Sections 12, 13).
are part of the
GF(q)
(Cor.
NP
Exact order is in
(G and H are two matrix groups over
possibly different finite fields.)
inv :
S(b)
prod:
S(b)
× S(b)
id
S(b)
×
:
→
S(b)
S(b)
→
S(b^c)
→
{YES,
are functions; furthermore
*}
is a finite group
0.4.
Our main results are the following.
Matrix group membership is in NP
(This is an
(the group in the box)
immediate consequence of the Reachability
is a map satisfying the following conditions.
.
f_B: S(b)
Theorem 3.1, cf. Thm. 4.1.).
Isomorphism is in
Divisor of order is in
Let
(Cor. 4.9)
NP
.
.
name of
(Theorems 9.1 and
(i)
10.1.)
→
and
{*}
S_B = f_B^{-1}(G_B).
f_B(x)
If
G_B ∪
x ∈ S_B then
inv(x) ∈ S_B and
-1
f_B(inv(x)) = (f_B(x))
Solvability, exact order of solvable groups are
x ∈ S_B is a
We say that
.
.
x,y ∈ S_B then
(ii) If
prod(x,y) ∈ S_B
f(prod(x,y)) = f_B(x) f_B(y)
B
id(x,y) =
then
(iv)
x
If
exists
*
.
y ∈ S(b^c)
y ∈ S(b^c)
such that
fore, no input will be shorter than
x
y a witness of the name
names (length
011
b
codewords)
Proposition 1.6.
Several points
group
G
G
.
Corollary 1.7.
Elements
b
of this group are encoded as matrices but the names
is
b
.
|G| ≤ 2^b
The typical example we have in mind is a
of a matrix group
The following are
The order of any black box
of code length
in this definition require motivation.
G/N
There-
bits.
clear.
Informally, the group box performs
of elements of an unknown group.
b
Regarding the economy of such representation,
cf. the remark after Cor. 4.2.
group operations
factor group
The set of names of
which is the base of complexity estimates.
id(x,y) = YES.
of the identity.
Comments 1.2.
a group G will
.
G
the generators will be the INPUT, the length of
f_B(x) = 1 then there
zt
The phrase guess
mean guess generators for
.
S(b) and
We call such
Groups will always be given by
Comment 1.5.
generators.
f_B(x) ≠ 1 and
x ∈ S(b) and
(iii) If
cause no confusion.
and
Any black box group of code length
can be generated by
≤ b
be represented by an input of
elements and can thus
≤ b^2
bits.
Q
are not unique and not every matrix is a name.
It would seem natural to make
S(b)
→
*},
{YES,
x
of the
must be a proof that
x
is a
G/N
member of
.
N
the spirit of nondeterminism in this paper.
INV(x), PROD(x,y), ID(x,y) can be entered.
group box currently interacting with the Turing
Note
corresponding answers.
f_B(x) ≠ 1
Such algorithms, involving a group box as an
oracle, will be referred to as group box algorithms.
This corresponds to the fact that
Definition 2.2.
nonmembership verification is more difficult than
membership is in
NP
Definition 1.3.
(B, x_1,..
x_1,.
.,x_t)
B
.
which accepts
is a group box and
1
box group will
"x ∈ G"
solvability,
write
etc.
symbols
xy
is a non-
x
if and only if
P(x) holds.
A
is the record of such an
P(x)
G_B
time of an accepting computation on input
black box group
Here, polynomial time means
generated by
The phrase
where the exponent
G is a given black
witness exponent
x
∈ S(b)
group box
to mean that f_B(x)
..
.,f_B(x_t).
belongs to the group generated by f (x 1,
B 1
We shall also refer to G having properties such as
use the
of a
accepting computation.
refer to a tuple, but we shall say
for some
P
x
The length of the certificate is the running
We also use the term
(x_1),...,f_B(x_t).
A verification of
certificate of
..,x_t ∈ S_B.
to mean the subgroup of
B
P(x) be a relation
deterministic polynomial time group box algorithm
A black box group is a tuple
where
Comment 1.4.
f
certain length.
but we can't prove the same
for nonmembership (cf. 0.4)
Let
(predicate) on the set of input strings
Indeed, we shall see that matrix group
membership.
The
machine will (magically and at no cost) print the
without an exhaustive search of all possible
witnesses.
Our model of computation is a non-
extra query tape where statements of the form
Conditions (iii) and (iv) reflect
that the group box will not confirm
CERTIFICATES.
deterministic RAM (endowed with a guess tape) with an
groups (our crucial tool, see
The witness of the name
identity in
COMPUTATION ON BLACK BOX GROUPS.
Comment 2.1.
This, however, would not
factor
Theorem 4.6).
2.
a function
which simply recognizes the names
of the identity.
generalize to
id
(')
.
x
,
depends solely on the
and not otherwise on the
.
Our definition of polynomial time
Remark 2.3.
could be formalized in the context of relativized
Most of the time we shall not
algorithms by compounding infinitely many group
f_B, prod, etc. and will simply
in place of prod(x,y), etc.
B
C(c)
c
O(|x|
boxes with the same bound
This will
exponents
c
c*
on witness
into a single oracle
B(c*).
of P
j,k <
there exists a certificate
The phrases
Remark 2.4.
The straight-line
existence of a polynomial time verification
cost
(from the given set
Reachability
"f_B(x) = 1".
order
Here is the procedure.
Guess
witness
Check
id(x,y) = YES
y
.
Proof.
H
"g_i = 1" for all generators
(Note that our input is
g_i
of
G
(x_1,...,x_t)
.
Let
While the certifiability of the
P (x)
1
=
G.)
, let
G
cost of
"cube"
P_2(G) = "|G| = 1" followed immediately from our
us define
,...,g_t
such that
.
x'
set
{z_1,
...,z_i}.
If
K(i)^{-1}K(i)
G
Thus, in
-
-
Claim 1.
extra device; see Section 7.
be the
(K(0) = {1} and
We shall frequently use the fact that
Claim 2.
[pr].
we set
= G
z_{i+1}
and
cost of the
c(0) =
s
= i
0.1
and stop.
to be an element of
.
c(i)
If
Corollary 1.
primality certificates exist
E. = 0,1)
minimizing the cost increase
K(i)^{-1}K(i)
c(i+1)
we need some
G
:
denote the straight-line
order to obtain certificates of lower bounds on
the order of a black box group
of this
s
based on the initial segment z_1,...,z_i,
Else, we define
"x ≠ 1" would require an exhaustive search of
all possible witnesses for some
(not a straight-
G
The length
...z . E.
K(i) = {z, El
c(i)
cannot be certified. Any proof
Pi
of elements of
let
definition, it is equally immediate that the
negation of the
i < s
s ≤ log n
c(i+1)
Corollary 2.
then
-
|K(i+1)|
c(i) ≤ i
= 2|K(i)|.
0
.
c(i) ≤ 2i+1
2
I
.
U
.
Now the conclusion is immediate.
3.
.
as the length
H
g1
2
7
is the identity" and
"x
,...,z
o
Remark 2.7.
Remark 2.8.
is ≤ (1 + log n)
sequence will also be defined in the process.
where
are the generators of
of
of
H
line program) as follows.
g_i = f(x_i)
relations
For a subset
of
G
We shall inductively define a sequence
z_1,z_2
Take the conjunction of certificates of
1
Given a group
of generators, the straight-
S
⊆ {g_1,...,g_t}.
1".
B
Theorem 3.1.
and a set
of the shortest s.l. program
There exists a certificate of
Corollary 2.6.
n
c(H), the straight-line
|y| = b^c = |x|^c.
1
x
S).
line cost of each element of G
The length of the certificate will be dominated by
Proof.
is the
s.l. program generating
There exists a certificate of
Example 2.5.
"|G| =
x ∈ G
of an element
length of the shortest
procedure in the above sense.
Proof.
The members of the sequence
are said to be generated by the s.l. program.
P can be certified are equivalent to the
or
,...,t).
(i = 1
1
0
SHORT STRAIGHT LINE PROGRAMS IN GROUPS.
Throughout the paper, log will mean base 2
logarithms.
4.
In this section we prove the fundamental result
that, in a group of order
n
, every
element can be
generated from any set of generators in
FACTOR GROUPS.
Let
[LSZ].
group
G
.
elements of
t from
S
G
g_1,...,g_t
of
of
a straight-line program of length
S if each
g_i
an element of the form
is either a member of
-1
g.
1
or
G
be a black box group.
An immediate
existence of membership certificates for subgroups
of generators of the
We call a sequence
ISOMORPHISM.
consequence of the Reachability Theorem is the
We begin with definitions.
Let us fix a set
NORMALITY,
(log n)^2
This was conjectured by Lipton et al.
steps.
CERTIFICATES OF MEMBERSHIP, SUBGROUPS.
ECONOMICAL SETS OF GENERATORS.
g_j g_k
S
G
.
Theorem 4.1.
Given elements
g_0,...,g_m of
there exists a certificate of the relation
or
generated by
for some
g_1,.
..,g_m". 0
G
"
g_0
,
is
Corollary 4.2.
G
Let the subgroups
and
H
x_1
Then there exist
be given by generators.
certificates of the relations
and
H ≤ K
i.e.,
Given a subgroup
"g_1,.
of
..,g_t
generate
x
t ≤ log |H|
(iv)
and certificate
G
∈ S(b), y_0 ∈ S(b^c).
is a straight line program from
each
y_0
-1
id(x
Observe that in fact
Normal subgroups and normal closure are the
y_0) = YES
x_t,
y
+
satisfy |y| ≤ |y_0|
fundamental tools of group theory we have to handle
Given
, there
N ≤ G
certificate of the relation
Theorem 4.5.
Given
and
∈ G
..,g_r
g_1,.
in
H"
G".
0
O(b^2) < b^{c'}.
.
These definitions provide a group box with
G/N a black
To make
box group, we have to name its generators; these
is
"N
.
B
G/N the group in the box.
N ≤ H ≤ G,
there exists a certificate of the relation
the normal closure of
for
is normal is
"N
g_1,...,g_r
exists a
+
b^{c'}.
b, inv and prod are the same as
Note that
Theorem 4.4.
.
could be chosen to
O(log^2 |N|) ≤ b^c
We then pad it out to obtain length
next.
for some
is a witness to the equality f_B(x_t) =
f_B(x), i.e.,
H".
x_i = inv(x_j)
3
I
.
,
N
is either such a name or
x.
= prod(x_j,x_k) or
i
j,k < i
(by
H ≤ G
generators), there exists a set of
g_1,...,g_t
...,x_t
where x_i
the given names of generators of
redundant generators
elements
,...,x_t,y_0,
(iii) x_1,
H = K. 0
In particular, we are able to remove
Corollary 4.3.
is a reasonably encoded form of a sequence
(ii) y
of
K
names will be the same as the names of the
0
generators of
A crucial tool in our arguments will be the
.
G
The simulation of
simulation of factor groups by the same group box.
using
B'
is easy.
B
The
operations inv and prod have not changed, and the
Theorem 4.6.
Given
can be viewed as
, the
N ◁ G
factor group
G/N
verification of
black box group with the same
9
code length as for
.
G
The group box for
id' is fast.
G/N
Suppose now that we have the extra ability of
can be simulated in deterministic polynomial time
by the group box for
G
(i)-(iv) in the definition of
non-identity verification, i.e. an additional
and a Turing machine
nonid(x,y) function in def. 1.1.
(or RAM).
Proposition 4.8.
Comment 4.7.
with nonidentity verification is in
P,B B
'' 2 , i.e., solvable in polynomial time by
c2
two-step alternating machines with an existential
As in Def. 2.2.,
c
O(|x|^C(c)) where
exponent and
is the input.
x
new witness exponent
c'
In fact, we shall have
Proof of 4.6.
Let
polynomial time means
is the original witness
In particular, the
c
must depend on
only.
move followed by a universal one.
c' = c+3.
Proof.
Let us define a
and
Let
H
f_{B'}(x) =
c' = c+3
generators
,
f_B(x)N if
f_B(x)
N
f_B(x)
{.
if
isomorphism
G
the
y
(g,1)
is a certificate of
and
y_1,...,y_t
be (the
G
The existential player guesses an
f
by guessing and certifying
u_1,
...,u
f: G
(x_i,u_i)
→
of
H
H
sends
and declaring that an
x_i
to
u
g,h ≠ 1
.
.
Consequently, the same
holds for permutation groups.
which from
Isomorphism of matrix groups over
finite fields is in
.
G × H
generates an element of the form
or (1,h), where
Corollary 4.9.
f_B(x) ∈ N, i.e.,
B
(i) y ∈ S(b^{c'})
...,x_t
guessing a short s.l. program in
,
,
id'(x,y) = YES if
refer
i '
The universal player disproves this claim by
G
f
x_1,
, resp.
isomorphism
,
G_{B'} = G/N
B_2
names of) the generators of the black box groups
new group box B' := (b, c', inv, prod, id', G_{B'}, f_{B'})
Here
(B_1,
to the two group-box oracles.)
where
G ≤ G_B
B = (b, c, inv, prod, id, G_B, f_B).
Isomorphism of black box groups
5.
SOLVABILITY, NILPOTENCE, p-GROUPS.
are normal.
Our general references in group theory are
[Ha] and [Hu].
Corollary 5.15.
We recall some definitions crucial
Definition 5.1.
Let
E
G
K
K'
of
The commutator series of a group
= (G^(i))'.
is the subgroup chain G^(0) = G, G^(i+1)
Definition 5.3.
I?(G)
= 1.
is solvable if
G
We call
Le-
E
G: xy =
For
the order of
p
Z(G)
of
G
y ∈
yx for each
a prime,
is a power of
G
Definition 5.7.
m
spaces over
G}.
.
G
L
are
G
and
K
(3
There exist certificates of
p
There exists a certificate of
"G is a p-group".
the property
.
is a
Proof.
First we have to certify that
prime.
Then we construct a certificate of the
p
G
nilpotence of G (5.18). Finally, we check that
g^{p^k} = 1 for some k and for each generator
g of G. 0
6.
ORDER OF SOLVABLE GROUPS:
UPPER BOUND
CERTIFICATE.
A subgroup
automorphisms of
G
H
H ≤ G
is character-
Let
is invariant under all
G
be a black box group and
n
an
integer.
.
Theorem 6.1.
Characteristic subgroups are normal.
If
G
is solvable then there exists
a certificate of the relation "the order of
of
G
If
K,L
then so is
are characteristic subgroups
[K,L].
Consequently, all
The idea of the proof is to
guess a composition
series, although at this moment we are
are characteristic.
unable to verify that there are no repeated groups
in the sequence guessed.
Abelian groups and p-groups are nilpotent.
Fact 5.13.
G
divides n".
members of the commutator and lower central series
Fact 5.12.
0
Certificates of being abelian,
Proposition 5.20.
is a p-group
We shall thus use the term
(H char G) if
Fact 5.11.
be
elementary abelian, cyclic trivially exist.
linear independence for members of an elementary
5.9.
≤ G, if
K,L,M
Combine 5.16 and Theorem 4.5.
Remark 5.19.
Such groups can be viewed as vector
GF(p)
Let
solvability and of nilpotence of given class.
is an elementary abelian p-group
G
For
Corollary 5.18.
is
abelian group.
Fact 5.10.
1 ≤ j ≤ t} in this subgroup.
M = [K,L].
.
p
Remark 5.8.
Definition
5.11.
if
is abelian and the nonidentity elements of
have order
istic
If
normal in the subgroup they generate then there
G is nilpotent of class 2 precisely if
Definition 5.6.
G
, resp.
L
exists a certificate for the relation
G' ≤ Z(G).
if
and
a black box group.
G^(m) = 1 for
nilpotent of class
G
The center
Z(G) = {x
If
K
and
[K,L] is the normal closure of
Proof.
Definition 5.4.
Fact 5.5.
be generators of
,...,x_s
x_1
group properties for black box groups.
The lower central series of G is the subgroup
chain K^0(G) = G, K^{i+1}(G) = [G,K^i(G)].
.
and let
We now turn to the question of certificates of
Definition 5.2.
m
K,L ≤ G
j
K' = [K,K].
some
Let
{[x_i,y_j]: 1 ≤ i ≤ s,
is
K
nilpotent group
are normal in the subgroup they generate,
and L
then
The commutator subgroup
G
is the only prime divisor of
p
is a p-group.
G
y_1,...,y_t
the mutual
is the group generated
[K,L]
h ∈ L}.
K,
then
Fact 5.16.
K,L ≤ G.
commutator subgroup
is the element
g,h ∈ G
The commutator of
[g,h] = g^{-1}h^{-1}gh.
{[g,h]: g
If
the order of every generator of a
for Section 9.
by
The Sylow subgroups of a nilpotent group
Fact 5.14.
PROCEDURE 6.2.
Every nilpotent group is solvable.
g_1,...,g_m
,
Guess an integer
subgroups
G_0,G_1,
m
...,G_m
,
elements
of
G
and
positive integers
i = 1,
k_1,...,k
...,m
ence tester is precisely an oracle confirming
the identity.
when an element is
(1) G_0 = G
(2)
G_m = 1
(3)
g_i
(4)
G_i ◁ G_{i-1}
(5)
G_{i-1}
Theorem 7.1.
G_{i-1}
If
is an elementary abelian
G
p-group with a k-independence tester, then a
m > k
certificate of the independence of
is generated by
g_i
and
G.
must involve more than
(6) g_i^{k_i} ∈ G_i
Π k_i divides
i=1
'
n
independence tests.
0
independence tester even if an identity tester is
.
Certify the validity of
pWk
elements
k = 1 shows the necessity of an
The case
m
(7)
Observe that a 1-independ-
k-independence tester.
m such that for
available and even for
(1) through (7).
exponentially large.
END.
bound on
The following two results imply Theorem 6.1.
k
G = Z2
since p may be
P '
The result also shows that no
can be imposed, even if
p
is small.
In our spirit of nondeterminism, we define
Lemma 6.3.
The output of PROCEDURE 6.2
(guesses
the independence tester to be used in the sub-
and certificates) forms a certificate of the
is solvable and
relation "G
Lemma 6.4.
|G|
divides
Corollary 6.5.
If
G
is solvable,
certificates of the orders of
constructed.
N ◁ G
tester is a triple
and
N
and a
where
is a group box, c' is a positive integer and ind is
a function
can be
G/N
(B, ind, c')
B = (b, c, inv, prod, id, G_B, f_B)
is available, then
G
A group box with independence
Definition 7.2.
0
Such a certificate always exists.
certificate of the order of
sequent sections as follows.
0
n".
D
ind: Z
2^{S(b)}
×
×
S(b^{c'})
{YES,
→
*}
such that
(1) if
7.
LOWER BOUND: THE NECESSITY OF THE INDEPENDENCE
t ≤ b
TESTER.
f
B
t l I ~ Iz
|H| = p^t
(i) if
(x )
1
b
, x_1,...,x_t
., f_B(x_t)
,..
∈ S_B
generate an
then there exists a witness
y ∈ S(b^{c'}) such that
n".
this for black box groups without any additional
In fact, even proving
f
|G|
1
...,x_t}, y)
ind(p, {x_1,
It is clear that we shall not be able to do
gadget.
and
< 2
elementary abelian p-subgroup H ≤ G_B, then
We wish to construct a certificate of the
relation
is a prime
p
(ii) if
is
|H| < p^t
= YES
y ∈ S(b^{c'}),
then for each
.,x_t},y)
ind(p,{x_1,..
=
*
.
impossible without an exhaustive search of all
possible witnesses of the possibility
some product
g
of generators of
G
g = 1
.
Comment 7.3.
for
is violated, the output may be either
But even
and will carry no information.
if the group box comes with an identity tester
YES output is
attached, we run into trouble in the next simplest
case:
elementary abelian groups.
In the case any of the conditions (1)
a primality certificate for
or a certificate of
As we shall see
H
*
p
being an elementary abelian
These conditions have to be certified
p-group.
presently, it is impossible to certify linear
YES or
In particular, a
separately.
independence of generators without a prohibitive
For computations in a black box group
number of group operations and queries to the
Comment 7.4.
identity tester.
with independence tester, the only change we have
Let
G
be a black box group.
Assume
is
G
an elementary abelian p-group.
Assume further
that for any set of at most
elements
k
oracle tells whether or not the k-tuple
independent.
of
G
to make in Comment 2.1
is that one more type of
oracle query (IND(x)) is permitted.
time computation on input
-
an
length
is
_C
I
~
in Def. 2.2).
We call such an oracle a
I
~
(
x
A polynomial
will now have
(as
opposed
' )
to
C
8.
following result.
CERTIFICATE OF ORDER FOR ABELIAN p-GROUPS.
we prove an auxiliary result which is a
particular case of Cor. 9.2.
We shall use it in
Let
G
independence tester.
"|G|
relation
Remark 8.2.
Assume
,
p-group of
the primality of the
P_i ≤ G
soc(G), the socle
p
p_i
, certify
i=1
guess p_i-subgroups
p.
1
IP.
such that
I
,
= pYi
to certify the order of each
The independence tester will be used
consisting of all elements of order
a_i
s
is an abelian
G
n =
,
and use Lemma 9.3
P_i
..,s).
(i = 1,.
0
In the proof of the Lemma we shall heavily
of
[Ha, Thm.
rely on the nilpotence of p-groups
to-
10.3.4]
(cf. Section 5).
We shall use the following well-known fact.
group).
Guess integers
PROCEDURE 8.2.
elements
of
g_1,...,g_m
(1) g_1,...,g_m
...,k_m
Proposition 9.4.
and
ki
9," = 1
G
gf
(4)
n =
kl
Π p
i=1
=
1,
...,m
.
(Cf. [Hu, p. 262,
0
of
H
is nilpotent
unless
then
G
|H|
[H,K]
= 1
.
Satz III.2.6.])
certificate for the order of a p-group
input is
PROCEDURE 9.5.
Such a certificate always exists.
0
for
i = 0,
values of
CERTIFICATES.
LOWER BOUND
In this section, we present
p
and the fact that
is a
G
Guess positive integers
u(i), v(i), w(i)
G
ORDER OF GROUPS:
The
p-group.
0
= n".
.
G
Of course, first we certify
(G,n,p).
the primality of
(guesses
and certificates) forms a certificate of the
our main
i
and subgroups
...,m
G.
and
m
,
H_i
r_i,
of
such that for all sensible
,
the
G_i
G_{i+1}
≤ G_i
and
are normal in
H_i
≤ H_{i+1}
G
≤ H_i
= H_0 = H_1 =
G_m = 1
G_0
result.
Let
.
W
e next d e s c r i b e t h e c o n s t r u c t i o n of a
The o u t p u t of PROCEDURE 8 . 2
Lemma 8.4.
9
(x) = Ix,gI
G'
G
a r e normal subgroups of
H, K
i s a proper subgroup
The following two r e s u l t s imply 8.1.
"IGI
f
to
G
Another easy f a c t i s t h a t i f
and
C e r t i f y t h e v a l i d i t y of (1) t o ( 4 ) . END.
relation
defined by
9
i s a homomorphism of
G)
g E G,
then f o r any
G' 5 Z(G))
f
group
(i = l , . . . , m )
are l i n e a r l y independent f o r i
Lemma 8.3.
i s a nilpotent
G
t h e g-commutator nap
k.-1
(3)
If
of class 2 ( i . e . ,
such t h a t
G
generate
m, kl,
(x
9.
is a
To d e r i v e Theorem 9.1 from t h i s l e m a , w e
g e t h e r with t h e i d e n t i t y (an elementary a b e l i a n
(2)
G
guess the prime factorization
= n".
only once, for a basis of
G
There exists a certificate for the
is prime and
be a black box group with an
Then there exists a certificate for the
p-group.
Lemma 9.3.
relation "p
order n".
the next section.
Theorem 8.1.
be a positive integer.
p
Let
G
be a black box group with independence
tester and let
n
= [Hi,Gi]
Gi+1
be a positive integer.
Hi+1/Gi+1
Theorem 9.1.
There exists a
certificate for the
r.
relation "n divides the order of G".
By Theorem 6.1,
Corollary 9.2.
If
G
n
(Hi/Gi+1)
guess to represent
we immediately conclude:
has order
5
is the number of generators employed i n the
I H ~ / G ~I
and is solvable
_C U
Hi
(i)
≤ w(i)
then the relation "n = |G|" can be certified.
I,HI
For extensions of this corollary, see
= u(m)
v(i) u(i+1)
= u(i) w(i+1)
Section 11.
lIrmpi
Theorem 9.1 is an immediate consequence of the
I
= v(i),
where
Hi/Gi+l
(pi:
+
( (Hi/Gi+r)
')
r
Remark 10.3.
is defined by
cp.
,..., k , g r I )
gl, ...,g,,
are the generators of
(13) n
(x ∈ Hi/Gi+1)
O(log q))
if
.
Hi
m
=
II w ( i )
i=l
of
be a field of
F
.
qr
Assume
(This is certainly the case
Now in order to represent
-
K
we only need to guess an irreducible polynomial
f
of degree
r
over
F
.
Irreducibility test
most
of 10.1.
r
Case A.
(1) through ( 1 4 )
~
Let
q = p^s
where
is a prime.
p
We have to distinguish two cases.
log n generators.
the validity of
I-].
[Bel, c f .
Proof
all groups guessed are represented by at
END
.
p
=
First of all, Md(q), the
The following two results imply Lemma 9.3.
d
by
d
matrix
algebra can be written as a tensor product over
The output of PROCEDURE 9.5 (guesses
.
This gives us
= GF(q) ⊗_GF(p) Md(p)
GF(p): Md(q)
of certificates) form a certificate of the
an embedding
relation "|G| = n".
Lemma 9.7.
.
F
is prime.)
q
time
I
u(i), v(i), w(i) ≤ n, and
Lemma 9.6.
Let
a field of order
K
over finite fields is deterministic polynomial
(14) m, ri ≤ log n
Certify
and
q
we have a representation (by strings of length
corresponding to the ri generators
Hi/Gi+1
Of
order
(x) = ( t x , g l l
where
We have to make a comment on how to
represent finite fields.
.
GL(d,q) ⊂ GL(ds,p)
(To make this effective, we need an explicit representation of GF(q) as a subalgebra of Ms(p), which immediately follows from the usual representation of GF(q) as a factor algebra of GF(p)[x].) Henceforth we may thus assume s = 1, i.e., q = p.
This certificate always exists.
For lack of space, we have to omit the (long) proof of these results. We remark that if (1) through (14) hold then equality holds in (6), (8) and (9) and the subgroups Gi, Hi are uniquely determined characteristic subgroups of G. The group H is elementary abelian. The verification of (10) is the only place in the procedure where the independence tester is used.
Let P
.
be the group of upper triangular
matrices with all diagonal entries equal to 1.
10. INDEPENDENCE CERTIFICATES FOR MATRIX GROUPS.
is the Sylow p-subgroup of
Sylow's theorem,
In order to apply the results of the preceding
sections to matrix groups over finite fields, we
First we guess
have to construct independence certificates for
generator
bases of elementary abelian subgroups of matrix
G ≤ P.
P
Of course, these certificates make no
groups.
Let
r-subgroup of order
G
be an elementary abelian
n
of
GL(d,q).
of
has order
{ (if
j)
pairs
of matrices.
Let
x^(-1)Gx ≤ P
x
G
.
:
This
Hence, by
x ∈ GL(d,p).
for some
and verify
x^(-1)gix
for each
∈ P
Henceforth we may assume
p^m where
Let us sort the set of
reference to any group box: their input is a set
Theorem 10.1.
gi
GL(d,p).
m = d(d-1)/2.
m = d(d-1)/2 ordered
1 ≤ i < j ≤ d) lexicographically.
f(k) = (ik,jk) denote the
kth member of this
sequence (1 ≤ k ≤ m).
Then there
For a matrix
exists a certificate of the relation "|G| = n".
1 ≠ g = (aij)
∈ P
I
let
μ(g) = min{k: a_f(k) ≠ 0}.
Remark 10.2.
This result clearly suffices for the
We set μ(1) = m
implementation of the independence tester for
GL(d,q).
Given
g1, ..., gm,
elementary abelian r-group
n
(the order of
G),
generators of the
Claim.
G ⊂ GL(d,q), we guess
|G| = p^t
generators
construct a certificate of
4
1.
if and only if
g1, ..., gt
p(q) 4 p(yz)
+
--- c
G
has
t
such that
/L(3t ) -
a
"|G| = n" (this is the witness), and determine if
n = r
m
.
A set of generators described
in the Claim is
a certificate for
1'
|G| = p^t
Case B.
most simple groups of Lie-type.
r ≠ p.
we extend it to
GF(q^e) where
exponent such that
r | q^e - 1.
e
e
≤
d
follow from its restriction to small dimension.
be-
For instance, if
representation theory (Maschke's theorem)
Gx ≤ D
where
D
is isomorphic to
D
,
x
having guessed
independence over
This is less than requiring
corresponding group.
general explicit formulas, which do, however,
exist in all known cases.
our problem reduces to linear
GF(r).
a certificate
has to guarantee the standard name of the
Hence,
Zd
Note that this
Theorem 11.4.
Suppose that every composition
reduction requires solving the discrete logarithm
factor of a black box group
problem in
a known simple group with a verifiable
GF(q)
by guessing and verifying the
exponents.
presentation of length
is isomorphic to
G
.
≤ (log n)^c
Then there
CERTIFICATE OF UPPER BOUND?
THE GROUP
Proof.
As in the proof of Theorem 6.1,
PRESENTATION CONJECTURE.
composition series
In Section 6 we have established a certificate
guess generators of
|G| | n
of the relation
has a presentation of length
.
Si
isomorphic to
We verify that these relations hold for
Gi-1/Gi
.
The implication is that either
. Consequently
Si
Gi-l/GiS
-
G.
1-1 - Gi
we have a
m
]GI n
certificate of
The length of a
true order of
presentation is the total number of characters
required to write down all relations.
We
.
or
By a presentation we mean a definition in terms
of generators and relations.
.
= 1
Gi-1/Gi
group of order n
≤ (log n)^c
... D Gm
corresponding to
Gi-1/Gi
of the known simple group
generalize the argument to arbitrary groups.
Every finite simple
D
0
we guess a
the generators involved in the short presentation
for solvable groups.
The following conjecture would enable us to
Conjecture 11.1.
G = G
.
|G| | n
exists a certificate of the relation
11.
and
The presentations not only must
exist but have to be verifiable, i.e.,
GL(d,q),
is the group of
rth roots of unity in
diagonal matrices with only
the diagonal.
x
11.1 says.
what
PSL(2,q)
PSL(d,q).
We actually need slightly more than
Remark 11.3.
Now, by standard elementary arguments of
-1
11.1 holds f o r
PSL(3,q) then it holds f o r
implies that GF(q) contains the rth roots of unity.
x
Curtis [Cu],
whose results imply that the conjecture would
cause r | |GL(d,q)|.) Thus we may assume e = 1. This
[Ha, 16.3.2] it follows that for some
The strongest
evidence comes from the work of C.W.
is the smallest
(Clearly
PSL(2,p)
an important building block in
(p prime) [BM],
In this case, rather than reducing the field
we have
is known to hold for
The conjecture
13.
This completes the proof in Case A.
(Although
Remark 11.5.
G
.
where
n =
Π |Si|
is the
i=1
n
We mention, as a curiosity, that all
'
it does not matter, we may agree that exponents
composition factors of the automorphism group of
are written in binary.)
a planar graph
Remark 11.2.
if
There is plenty of evidence in favor
It holds for cyclic and alternating groups.
Sporadic groups don't count.
Remark 11.6.
For groups of
box group, an
Our
If the hypothesis of 11.4 holds
and
the group box is complete with independence tester,
Lie type, X(d,q) say (d by d matrices over GF(q)
,
then (by 9.1) the exact order of
G
is certifiable.
and so the requirement is to have a
presentation of length
presentations
length
such a group is
upper bound on its order can be certified.
of the conjecture.
n < q^(d^2)
are cyclic or alternating [Ba 1].
(
≤ (d log q)^c
.
Steinberg's
12. ARTHUR
[St], cf. [Ca, p. 190]), have
proving the Conjecture for
q < d^c
vs*
GAMES:
A
Merlin tries to convince the intelligent but
-
impatient King Arthur that an input string
(c denotes a different constant in each formula.)
belongs
to the language
L
.
x
If L ∈ NP, Merlin just presents a certificate
Theorem 13.1.
(of polynomial length).
Even if
is not known to belong to
L
Merlin may have
NP
exists a combinatorial game, depending on
x
,
G
l o g Gn n
of
+
G
x1€1
... :x
where
be a group of order n
Then there exist
3J.
such that every member
G
occurs among the 2^t
of
Suppose there
+
x1, ..., xt
elements
way of convincing Arthur provided
ii
Arthur accepts statistical evidence.
t = Llog n
and
,
Let
[BE].
subproducts
= 0,l
.D
between Arthur and Merlin such that
(i) Arthur's moves are random (just rolls the dice,
14. OPEN PROBLEMS.
does not think);
(ii) if
x ∈ L
(iii) if
f
x
L
least as difficult as discrete log or some other
difficult number theoretic problem.
then Merlin has less than 1%
chance of winning, no matter how cleverly he plays.
I
~x
1x1"
'
harder than, say, factoring integers?
time and the game must terminate in
isomorphism.
Let us call the class of languages,
recognizable by such games,
number of moves).
Let us write
AM(k)
number of moves is restricted to
moves first; and
Clearly,
and
k
MA =
MA(1) = NP
This problem seems to be open even for
It is clear [Pa]
14.4.
and Arthur
AM
k
(cf. Sect. 12) that
⊆ AM(P) ⊆ PSPACE. How
does AM compare with
members of the polynomial time hierarchy?
evidence that
MA(2).
and
for
is a candidate, cf. Sections 12,
permutation groups.
Finally, let us
AM(1) = BPP [Gi].
Our games are like Papadimitriou's
(AM
if the
if there are at most
MA(k)
moves and Merlin moves first.
AM = AM(2)
13.)
AM(P) (P for polynomial
E;
Prove something better than
14.3.
moves.
write
Shall we expect that membership is not
14.2.
Assume in addition that each move takes at
most
group membership is at
Prove that matrix
14.1.
then Merlin has a strategy which
gives him at least 99% chance of beating Arthur;
Let
14.5.
"Games against
G
AM
coNP.
Could
AM
- not
G
.
(For
Nature" [Pa], with the very significant difference
permutation groups
that the winning probabilities must be bounded away
finding the center is in P [Lu 2], cf.
This is what makes such a game a
from 1/2.
14.6.
"practical" way for Merlin to convince Arthur that
One can prove that the hierarchy obtained for
k ≥ 2
k
we have
MA(k+1)
collapses
NP
∪ BPP
[Ba 2].
in P [Lu 1].)
⊆ MA ⊆ AM
14.7.
= AM(k) =
14.8.
,
.
(For
permutation groups, simplicity can be decided in
It is also easy to prove that for a random
with probability 1
Find a certificate of simplicity.
polynomial time, [Lu 3], cf.
(The inclusions seem more likely to be proper.)
AM
(For
finding the intersection is
For any constant
⊆ AM(P) ⊆ PSPACE.
oracle A
[BKL].)
There are many group-theoretic problems
solvable in polynomial time for permutation groups.
⊆ NP^A
(Cf.14J
-
14.T-
Further examples: membership,
normal closure, solvability [FHL]
of order
13. STATISTICAL VERIFICATION OF "EXACT ORDER".
p
,
finding elements
and Sylow subgroups 1-3,
[KT]
(cf. [BKL]), finding composition factors [Lu 3].)
Can any of these be done in polynomial (subexponential) time for matrix groups?
There exists a 3-move game (Merlin-Arthur-Merlin) to show that "exact order" is in MA(3)
and consequently (Sect. 12) in AM and therefore
results are available for 2 by 2 matrix groups
in
NP^A for almost every oracle A.
-
[Ho].)
Find a certificate of the intersection of
permutation p-groups,
increasing
necessarily p-groups
two p-subgroups of a matrix group.
x ∈ L.
hold?
Find a
be a matrix p-group.
certificate of the center of
Give
5. 1;
[FM] -
The proof
is elementary. It is based on the following.
Positive
REFERENCES
[Ba 1]
[Ba 2]
Susan Landau and G. L. Miller, Solvability
by radicals is in polynomial time,
Proc. 15th ACM Symp. on Theory of
Computing, Boston 1983, pp. 140-151.
g:
Babai, Automorphism groups of planar
graphs II, in: Infinite and Finite Sets,
Proc. Conf. Keszthely 1973 (A. Hajnal et
al. eds.), North-Holland 1975, pp. 29-84.
L.
L. Babai, Arthur vs. Merlin games:
short hierarchy, in preparation.
R. J. Lipton, L. Snyder and Y. Zalcstein,
The complexity of word and isomorphism
problems for finite groups.
(Preliminary
Report) in: Proc. 10th Conf. on Info.
Sci. and Systems, Johns Hopkins Univ.,
Baltimore 1976, pp. 33-35.
a
L. Babai and P. Erdős, Representation of
group elements as short products, in:
Theory and Practice of Combinatorics
(A. Rosa et al., eds.), Annals of Discr.
Math. 12 (1982), pp. 27-30.
E.M. Luks, Isomorphism of graphs of
bounded valence can be tested in polynomial
time, J. Comp. Syst. Sci., 25 (1982),
42-65.
L. Babai, W.M. Kantor and E.M. Luks,
Computational complexity and the classification of finite simple groups, in:
Proc. 24th IEEE Symp. Found. Comp. Sci.,
Tucson, Ariz. 1983, pp. 162-171.
E.M. Luks, The complexity of permutation
group problems, 1980 (unpublished).
E.M. Luks, Testing simplicity of
permutation groups, in preparation.
L. Babai and E.M. Luks, Canonical labeling
of graphs, in: Proc. 15th ACM Symp. Thy.
Computing, Boston 1983, pp. 171-183.
Mihailova,
direct products
Akad. Nauk SSSR
Mat. Sb. (N.S.)
K.A.
Behr and J.L. Mennicke, A presentation
of the groups PSL(2,p), Canad. J. Math. 20
(1968), 1432-1438.
H.
C.H. Papadimitriou, Games against Nature,
in: Proc. 24th IEEE Symp. Found. Comp. Sci.,
Tucson, Ariz., 1983, pp. 446-450.
Berlekamp, Factoring polynomials over
large finite fields, Math. Comput. 24
(1970), 713-735.
E. R.
Pratt, Every prime has a succinct
certificate, SIAM J. Computing 4 (1975),
214-220.
V.R.
R. Carter, Simple groups of Lie type, Wiley-
Interscience, N.Y.,
The occurrence problem for
of groups (Russian), Dokl.
119 (1958), 1103-1105 and
70(112) (1966), 241-251.
1972.
C.W. Curtis, Central extensions of groups of
Lie type, J. Reine Angew. Math. 220 (1965),
174-185.
M.O. Rabin, Probabilistic algorithms in
finite fields, SIAM J. Comp. 9 (1980),
273-280.
Faith Fich and G.L. Miller, private
communication, 1982.
in:
N.Y.,
Furst, J. Hopcroft and E.M. Luks,
Polynomial-time algorithms for
permutation groups, in: Proc. 21st IEEE
Symp. Found. Comp. Sci., Syracuse, N.Y.,
1980, pp. 36-41.
A. Sinkov, The number of abstract
definitions of LF(2,p) as a quotient
group of (2,3,n), J. of Algebra 12
(1969), 525-532.
C.C.
M.L.
D. Gorenstein, Finite Simple Groups:
R. Steinberg, Générateurs,
relations et
revêtements de groupes algébriques, in:
Colloque sur la théorie des groupes
algébriques, C.B.R.M.,
Brussels 1962,
pp. 113-127.
An
Introduction to their Classification,
1982.
Plenum, N.Y.,
M. Hall, Jr., The Theory of Groups,
MacMillan, N.Y.,
1959.
Hoffmann, Group Theoretic Algorithms
and Graph Isomorphism, Lecture Notes in
Comp. Sci. 136, Springer, N.Y. 1982.
C.M.
B. Huppert, Endliche Gruppen I, Springer,
Berlin 1967.
D.S. Johnson,
column;
The NP-completeness
an ongoing guide, J. Algorithms,
September 1984.
Kantor, Polynomial time algorithms
for finding elements of prime order and
Sylow subgroups, to appear.
W.M.
W.M.
Kantor and D.E.
Sims, Some group theoretic algorithms,
Lect.
in Math. 697, Springer,
1978, Notes
pp. 108-124.
Taylor, Polynomial-
time versions of Sylow's theorem, to
appear.