# Trading group theory for randomness

@inproceedings{Babai1985TradingGT, title={Trading group theory for randomness}, author={L{\'a}szl{\'o} Babai}, booktitle={STOC '85}, year={1985} }

In a previous paper [BS] we proved, using the elements of the theory of <italic>nilpotent groups</italic>, that some of the <italic>fundamental computational problems in matriz groups</italic> belong to <italic>NP</italic>. These problems were also shown to belong to <italic>coNP</italic>, assuming an <italic>unproven hypothesis</italic> concerning <italic>finite simple groups</italic>.
The aim of this paper is to replace most of the (proven and unproven) group theory of [BS] by elementary…

## 775 Citations

Deciding finiteness of matrix groups in Las Vegas polynomial time

- MathematicsSODA '92
- 1992

It is shown that one can decide whether or not G G is finite, in Las Vegas polynomial time, and structural properties such as solvability andnilpotence are decidable in Monte Carlo polynometric time.

Probabilistic checking of proofs: a new characterization of NP

- Mathematics, Computer ScienceJACM
- 1998

It is shown that approximating Clique and Independent Set, even in a very weak sense, is NP-hard, and the class NP contains exactly those languages for which membership proofs can be verified probabilistically in polynomial time.

Separating and collapsing results on the relativized probabilistic polynomial-time hierarchy

- PhysicsJACM
- 1990

The probabilistic polynomial-time hierarchy (BPH) is the hierarchy generated by applying the BP-operator to the Meyer-Stockmeyer polynomial-time hierarchy (PH), where the BP-operator is the natural…

Essentially optimal interactive certificates in linear algebra

- Computer ScienceISSAC
- 2014

All the authors' certificates are based on interactive verification protocols with the interaction removed by a Fiat-Shamir identification heuristic, and the validity of the verification procedure is subject to standard computational hardness assumptions from cryptography.

Polynomial-time theory of matrix groups

- MathematicsSTOC '09
- 2009

The order of the largest semisimple quotient can be determined in randomized polynomial time (no number theory oracles required and no restriction on parity), and a natural problem is obtained that belongs to BPP and is not known to belong either to RP or to coRP.

Unknotting is in AM ∩ co-AM

- MathematicsSODA '05
- 2005

Hass, Lagarias, and Pippenger analyzed the computational complexity of various decision problems in knot theory. They proved that the problem whether a given knot is unknotting is in <b>NP</b>, and…

Some facets of complexity theory and cryptography: A five-lecture tutorial

- Computer Science, MathematicsCSUR
- 2002

This tutorial discusses the notion of one-way functions both in a cryptographic and in a complexity-theoretic setting, and considers interactive proof systems and some interesting zero-knowledge protocols.

New (and Old) Proof Systems for Lattice Problems

- Computer Science, MathematicsPublic Key Cryptography
- 2018

It is shown that \(\textsf {GapSPP}\) admits SZK proofs for remarkably low approximation factors, improving on prior work by up to roughly \(\sqrt{n}\).

An Efficient Quantum Algorithm for Some Instances of the Group Isomorphism Problem

- MathematicsSTACS
- 2010

This paper presents a quantum algorithm solving instances of the nonabelian group isomorphism problem exponentially faster than the best known classical algorithms.

On the communication complexity of zero-knowledge proofs

- Computer Science, MathematicsJournal of Cryptology
- 2007

This paper studies the concrete complexity of the known general methods for constructing zero-knowledge proofs, and establishes that circuit-based methods, which can be applied in either the GMR or the BCC model, have the potential of producing proofs which could be used in practice.

## References

SHOWING 1-10 OF 30 REFERENCES

On the Complexity of Matrix Group Problems I

- MathematicsFOCS
- 1984

A theory of black box groups is built, and it is proved that for such subgroups, membership and divisor of the order are in NPB, and under a plausible mathematical hypothesis on short presentations of finite simple groups, nom membership and exaact order will also be inNPB.

Two theorems on random polynomial time

- Computer Science19th Annual Symposium on Foundations of Computer Science (sfcs 1978)
- 1978

Where the traditional method of polynomial reduction has been inapplicable, randomness has been used in demonstrating intractibility by Adleman and Manders, and in showing problems equivalent by Rabin, a new examination of randomness is in order.

Riemann's Hypothesis and tests for primality

- Computer Science, MathematicsSTOC
- 1975

It is shown that primality is testable in time a polynomial in the length of the binary representation of a number, and a partial solution is given to the relationship between the complexity of computing the prime factorization of a numbers, computing the Euler phi function, and computing other related functions.

The knowledge complexity of interactive proof-systems

- Mathematics, Computer ScienceSTOC '85
- 1985

A computational complexity theory of the “knowledge” contained in a proof is developed and examples of zero-knowledge proof systems are given for the languages of quadratic residuosity and 'quadratic nonresiduosity.

Polynomial-time algorithms for permutation groups

- Mathematics21st Annual Symposium on Foundations of Computer Science (sfcs 1980)
- 1980

It is demonstrated that the normal closure of a subgroup can be computed in polynomial time, and that this proceaure can be used to test a group for solvability.

Relative to a Random Oracle A, PA != NPA != co-NPA with Probability 1

- Computer Science, MathematicsSIAM J. Comput.
- 1981

Let A be a language chosen randomly by tossing a fair coin for each string x to determine whether x belongs to A, and${\bf NP}^A is shown, with probability 1, to contain a-immune set, i.e., a set having no infinite subset in ${\bf P]^A $.

A Fast Monte-Carlo Test for Primality

- MathematicsSIAM J. Comput.
- 1977

A uniform distribution a from a uniform distribution on the set 1, 2, 3, 4, 5 is a random number and if a and n are relatively prime, compute the residue varepsilon.