Rahul Santhanam
2.2 Computational Problems
The starting point of ourNP-hardness results is the set cover problem on instances where each set has size at mostr.
IDefinition 4 (r-Bounded Set Cover Problem). For an integerr∈N, ther-Bounded Set Cover Problem is defined as follows:
Input. An integern∈Nand a collectionS ⊆2[n] of nonempty subsets of the universe [n] such that|S| ≤rfor eachS∈ S, andS
S∈SS= [n].
Output. The minimum number`of subsetsS1, . . . , S`∈ S such thatS`
i=1Si= [n].
For this problem, a tight inapproximability result based onNP-hardness is known.
ITheorem 5(Feige [17], Trevisan [42]). Letr be a sufficiently large constant. It isNP-hard (under polynomial-time many-one reductions)to approximate the solution of ther-bounded set cover problem within a factor oflnr−O(ln lnr). That is, for any languageL∈NP, there exists a polynomial-time machine that, on input x, outputs a threshold θand an instance S of ther-bounded set cover problem such that ifx∈Lthen S has a cover of size at most θ, and ifx6∈L thenS does not have a cover of size at mostθ·(lnr−O(ln lnr)).
We stress that theinapproximability result is essential for us; we will present a reduction from a 2-factor approximation of ther-bounded set cover problem to the minimumDNF◦MODm
circuit minimization problem.
IDefinition 6(Minimum Circuit Size Problem for DNF◦MODm). For an integerm≥2, the Minimum Circuit Size Problem for DNF◦MODm, abbreviated as (DNF◦MODm)-MCSP, is defined as follows:
Input. A Boolean function f:Ztm→ {0,1}, represented as a truth table of lengthmt. Output. DNFMODm(f).
While our final theorem confirms that (DNF◦MODm)-MCSP is NP-hard, we will first proveNP-hardness of the circuit minimization problem on instances of a partial function f :Ztm→ {0,1,∗}. That is, we regard any inputx∈f−1(∗) as “undefined.” For a partial function f: Ztm → {0,1,∗}, we say that a circuit C computes f if C(x) = f(x) for any x ∈ f−1({0,1}). We extend the definition of DNFMODm(f) to the size of the minimum DNF◦MODm circuit computing the partial function f: Ztm → {0,1,∗}. The following problem is concerned with the circuit size of partial functions, and we distinguish it from the problem above by adding a superscript∗.
IDefinition 7(Minimum Circuit Size Problem for Partial Functions). For an integerm≥2, the Minimum Circuit Size Problem∗forDNF◦MODm, abbreviated as (DNF◦MODm)-MCSP∗, is defined as follows:
Input. A Boolean functionf:Ztm→ {0,1,∗}, represented as a string of lengthmtover the alphabet{0,1,∗}.
Output. DNFMODm(f).
3 Hardness of (DNF ◦ MOD
m)-MCSP Under Randomized Reductions 3.1 Reduction from r-Bounded Set Cover to (DNF ◦ MOD
m)-MCSP
∗This subsection is devoted to proving the following theorem.
ITheorem 8. (DNF◦MODm)-MCSP∗isNP-hard under (zero-error) randomized polynomial- time many-one reductions.
Letrbe a large enough constant so that the approximation factor of lnr−O(ln lnr) in Theorem 5 is larger than 2. We present a reduction from a 2-factor approximation of the r-bounded set cover problem to (DNF◦MODm)-MCSP∗.
Let us prepare some notation. LetS be an instance of the r-bounded set cover problem over the universe [n] (in particular,S
S∈SS= [n]). Let t∈Nbe a parameter chosen later.
For eachi∈[n], pickvi∈RZtmindependently and uniformly at random. For any S⊆[n], letvS denote {vi |i∈S}. Let span(vS) :={P
i∈Sci·vi|ci∈Zmfor any i∈S} denote the linear span of vS. (Note thatspan(vS) is a linear subspace ofZtm wheneverS 6=∅.) In our reduction, an elementi∈[n] is mapped to a random pointvi ofZtm, and a setS ∈ S corresponds to a linear subspacespan(vS).
C C C 2 0 1 8
For any set cover instanceS, we define a function f :Ztm→ {0,1,∗}as
f(x) :=
1 (ifx=vi for somei∈[n]) 0 (ifx6∈S
S∈Sspan(vS))
∗ (otherwise)
for anyx∈Ztm. The truth table off is the output of our reduction.
It is not hard to see thatDNFMODm(f) is at most the minimum set cover size forS(Claim 9 below). Of course, the difficulty is in proving a circuit lower bound forf (Claim 10 below).
The idea is as follows: For simplicity of the exposition, let us focus on the case ofm= 2, and moreover let us first consider the case of aDNF◦MOD2 circuitCforf that accepts a union oflinear subspaces (instead of affine subspaces). More precisely, letC−1(1) be a union of linear subspaces{Tk}k∈[K]. ThenTkis a subset ofC−1(1)⊆f−1({1,∗}) =S
S∈Sspan(vS);
furthermore, eachspan(vS) is a random linear subspace of small dimensionr; therefore, it is possible to show that, with high probability, the set{i∈[n]|vi∈Tk}of points covered by Tk is contained in some legal setS∈ S of the set cover instance; hence the circuit sizeK is at least the minimum set cover size.
In the case that a circuitC accepts the union ofaffine subspaces, it is no longer true that, for any affine subspace T such that T ⊆ S
S∈Sspan(vS), the set {i ∈ [n] | vi ∈ T} is covered by some legal set S ∈ S; indeed, for any two points vi and vj, the set {vi, vj} =vi⊕ {0, vi⊕vj}
is an affine subspace of Zt2, whereas{i, j} is not necessarily legal in the set cover instanceS. Nonetheless, we can still prove that, with high probability, the set{i∈[n]|vi∈T}is covered by two legal setsS1, S2∈ S. As a consequence, the minimum number of affine subspaces needed to coverv1, . . . , vn gives us a 2-factor approximation of the minimum set cover size forS. By Theorem 5, it follows that (DNF◦XOR)-MCSP∗ is NP-hard under randomized reductions. Details follow.
IClaim 9(Easy part). Suppose that S has a set cover of size K. ThenDNFMODm(f)≤K.
Proof. LetC ⊆ S be a set cover of sizeK. For each S∈ C, by Lemma 2, there exists an AND◦MODm circuit CS such that CS accepts span(vS). Define a DNF◦MODm circuit C:=W
S∈CCS. It is easy to see thatC computesf. J
Conversely, we prove the following:
IClaim 10(Hard part). For some parametert such thatmt= (nm)O(r), the following holds with probability at least 12 (over the choice of(vi)i∈[n]):
Let K:=DNFMODm(f). ThenS has a set cover of size2K.
The two claims above imply that 2DNFMODm(f) is a 2-factor approximation for the set cover problem: indeed, letsbe the minimum set cover size forS; then we haves≤2DNFMODm(f)≤ 2s. It thus remains to prove Claim 10.
To prove Claim 10, let us clarify the desired condition that random objects (vi)i∈[n]
should satisfy. For anyI⊆[n], define theaffine span ofvI as affine-span(vI) :=n X
i∈I
civi|ci∈Zm fori∈I andX
i∈I
ci= 1o .
The important property of the affine span is that, if an affine subspaceAcovers the setvI of points inI⊆[n], then its affine span must also be covered byA.
IClaim 11(Property of the affine span). For any affine subspace Aof Ztm and anyI⊆[n], if vI ⊆A thenaffine-span(vI)⊆A.
Proof. Let us write A=H+a for some linear spaceH ⊆Ztmand vector a∈Ztm. Since vi∈vI ⊆Afor eachi∈I, there exists some vectorhi∈H such thatvi=hi+a. Take any coefficients (ci)i∈I such thatci ∈ZmandP
i∈Ici= 1. Then, X
i∈I
civi=X
i∈I
ci(hi+a) =X
i∈I
cihi+a ∈ H+a. J
By Lemma 2, the circuit size of f equals the minimum number of affine subspaces A1, . . . , AK ⊆f−1({1,∗}) such thatSK
i=1Ai⊇f−1(1). Intuitively, we would like to require that, if the setvI ⊆f−1(1)
of points is covered by some affine subspaceA⊆f−1({1,∗}), then there exist two legal setsS1, S2 of the set cover instanceS such that I⊆S1∪S2. In fact, one of these sets can be taken as a singleton:
IDefinition 12. We say that (vi)i∈[n] isnice (with respect toS) if, for anyI⊆[n], affine-span(vI)⊆ [
S∈S
span(vS) =⇒ I⊆SI∪ {iI} (1)
for someSI ∈ S andiI ∈[n].
We will prove that (vi)i∈[n] is nice with probability at least 12, and that for any nice (vi)i∈[n], the minimum size of DNF◦MODm is a 2-factor approximation of the minimum set cover size. We prove the latter first:
IClaim 13. Let(vi)i∈[n] be nice, and K:=DNFMODm(f). ThenS has a set cover of size 2K.
Proof. LetC=WK
k=1Ck be aDNF◦MODmcircuit computingf, where eachCk∈AND◦ MODmis nontrivial. By Lemma 2,Ck−1(1) is an affine subspace ofZtm. For eachCk, we will choose 2 sets fromS so that the union of all these sets cover the universe [n].
Fix any Ck and let Ik := {i ∈ [n] | Ck(vi) = 1} be the set of all points covered by Ck. SinceCk−1(1) is an affine subspace ofZtm andvIk⊆Ck−1(1), we haveaffine-span(vIk)⊆ Ck−1(1) by Claim 11. Since the circuitC computesf, Ck−1(1)⊆C−1(1)⊆f−1({1,∗}) = S
S∈Sspan(vS). Thus we have affine-span(vIk) ⊆ S
S∈Sspan(vS), which means that the hypothesis of niceness (1) is satisfied; hence there exist some subset Sk1 ∈ S and some elementik∈[n] such that Ik ⊆Sk1∪ {ik}. Take any setSk2∈ S such thatik ∈Sk2 (such a setSk2 must exist because we assumedS
S∈SS= [n]). ThenIk⊆Sk1∪Sk2. Now we claim that SK
k=1Sk1∪Sk2= [n] (and hence the set cover instanceS has a cover of size 2K). Indeed, for anyi∈[n], we havef(vi) = 1 and henceC(vi) = 1, which means that there exists some subcircuitCk such thatCk(vi) = 1. Thusi∈Ik ⊆Sk1∪Sk2for some
k∈[K]. J
It remains to show that a random choice of (vi)i∈[n] is nice with high probability:
IClaim 14. For each i∈[n], pickvi ∈RZtm uniformly at random and independently. If t≥r+ ((r+ 2) logn+ log|S|+ 1)/logm, then(vi)i∈[n] is nice with probability at least 12.
To prove Claim 14, we will use a union bound over all relevant subsetsI⊆[n]; however, the definition of niceness (1) appears to suggest that we need to take a union bound over exponentially many subsetsI. The next claim shows that this is in fact not the case.
C C C 2 0 1 8
IClaim 15(Characterization of niceness). (vi)i∈[n] is not nice (with respect toS) if and only if there exists some subsetI⊆[n]such that all the following conditions hold:
1. |I| ≤r+ 2,
2. I6⊆S∪ {i} for anyS∈ S andi∈[n], and 3. affine-span(vI)⊆S
S∈Sspan(vS).
In particular, there are at mostnr+2 subsetsI⊆[n] over which we need to take a union bound.
Proof. By the definition of niceness, (vi)i∈[n] is not nice if and only if there exists some subsetI⊆[n] such thataffine-span(vI)⊆S
S∈Sspan(vS) whereasI6⊆S∪ {i}for anyS ∈ S andi∈[n]. Therefore, it is clear that the three conditions imply that (vi)i∈[n] is not nice;
we prove below the converse direction (the “only if” part of Claim 15).
A crucial observation is that, for any subset I⊆[n] of size at least r+ 2, the second condition always holds: Indeed, recall that S is an instance of the r-bounded set cover instance; that is, |S| ≤ r for any S ∈ S. Hence, for any S ∈ S and i ∈ [n], we have
|S∪ {i}| ≤r+ 1; thusI cannot be a subset ofS∪ {i}simply because |I| ≥r+ 2.
Now suppose that there exists some subset I ⊆ [n] satisfying the second and third conditions, but not the first one, that is,|I| > r+ 2. Take any subset I0 ⊆I such that
|I0|=r+ 2. We claim thatI0 satisfies all three conditions: The first condition (|I0| ≤r+ 2) is obvious. The second condition holds because of the observation above. To see the third condition, by assumption, we have affine-span(vI)⊆S
S∈Sspan(vS); hence, we also have affine-span(vI0)⊆affine-span(vI)⊆S
S∈Sspan(vS). J
Now let us proceed to a proof of Claim 14.
Proof of Claim 14. We will bound the probability that a random (vi)i∈[n] is not nice, by using the union bound over all the subsetsI⊆[n] such that the first and second conditions in Claim 15 hold. To this end, fix any subsetI⊆[n] such that|I| ≤r+ 2 andI6⊆S∪ {i}for anyS∈ S andi∈[n] (in particular,Iis not empty). We would like to bound the probability that the affine subspace ofvI is a subset ofS
S∈Sspan(vS).
Take an arbitrary (e.g. the smallest) elementi0∈I. Define coefficients (ci)i∈I as follows:
ci := 1∈Zm for any i∈I\i0 andci0 := (2− |I|) modm ∈ Zm. By this definition, we haveP
i∈Ici= 1; hence,P
i∈Icivi∈affine-span(vI). Therefore,
Pr
v1,...,vn
"
affine-span(vI)⊆ [
S∈S
span(vS)
#
≤Pr
"
X
i∈I
civi∈ [
S∈S
span(vS)
#
≤X
S∈S
Pr
"
X
i∈I
civi∈span(vS)
# .
By the assumption onI, we haveI6⊆S∪ {i0}for any S∈ S; that is, there exists some indexjS ∈I\{i0}\S. Note thatcjS = 1 becausejS ∈I\{i0}. Therefore, the last probability is
X
S∈S
Pr
"
X
i∈I
civi∈span(vS)
#
=X
S∈S
Pr
vjS ∈ span(vS)− X
i∈I\{jS}
civi
=X
S∈S
Pr
vjS =X
i∈S
divi− X
i∈I\{jS}
civi for some (di)i∈S
=X
S∈S
X
(di)i∈S
Pr
vjS =X
i∈S
divi− X
i∈I\{jS}
civi
≤ |S| ·mr·m−t,
where the last inequality holds because the random vectorvjS does not appear in the right summations.
Finally, by taking the union bound over allI such that|I| ≤r+ 2 (andI6⊆S∪ {i} for anyS∈ S and i∈[n]), the probability that (vi)i∈[n] is not nice is bounded from above by
nr+2· |S| ·mr−t≤12. J
Given these claims above, it is immediate to complete the whole proof.
Proof of Claim 10. We may assume without loss of generality that|S| ≤nr sinceS is an instance of ther-bounded set cover problem. We sett∈Nto be the smallest integer such thatt≥r+ ((r+ 2) logn+ log|S|+ 1)/logm; thent=O(rlog(nm)/logm). (Here theO notation hides only a universal constant.) Combining Claims 13 and 14, we immediately
obtain Claim 10. J
Proof of Theorem 8. The encoding of the functionf:Ztm→ {0,1,∗}is of sizeO(mt) = (nm)O(r), which is a polynomial in the input sizepoly(n,|S|).
Moreover, it is possible to make the reduction zero-error: Indeed, the condition of the niceness can be checked in polynomial time, by using the characterization of Claim 15.
Finally, recall that ther-bounded set cover problem isNP-hard to approximate within a factor of 2 by Theorem 5 for a sufficiently large constantr∈N. Hence,NP-hardness of
(DNF◦MODm)-MCSP∗follows from Claims 9 and 10. J
3.2 Reduction from (DNF ◦ MOD
m)-MCSP
∗to (DNF ◦ MOD
m)-MCSP
Next, we present a reduction for the minimum circuit size problem for partial functions to that for total functions:
ITheorem 16. There is a (zero-error) randomized polynomial-time many-one reduction from(DNF◦MODm)-MCSP∗ to(DNF◦MODm)-MCSP.
Let f: Ztm → {0,1,∗} be an instance of (DNF◦MODm)-MCSP∗. Let r := t+ 2 and s:=d(2r+ 2t) logm+ 2e=d4(t+ 1) logm+ 2e. We encode each valuef(x)∈ {0,1,∗}of the partial functionf as a function on a “hypercube”Zsm: namely, we construct a newtotal functiong : Ztm×Zsm→ {0,1} such that f(x) corresponds to (g(x, y))y∈Zsm. Specifically, if f(x) 6= ∗, then f(x) is encoded as a hypercube whose origin5 0s is assigned f(x) and
5 0sdenotes the zero ofZsmfor anys∈N.
C C C 2 0 1 8
other points are assigned 0; iff(x) =∗, then we pick a random linear subspaceLx⊆Zsmof dimensionrand we encode f(x) as the characteristic function ofLx.
Formally, for eachx∈f−1(∗), we pickvx1, . . . , vxr∈R Zsmuniformly and independently at random, and define a random linear subspaceLx:=span(vx1, . . . , vxr). Then the output g:Ztm×Zsm→ {0,1}of our reduction is defined as
g(x, y) :=
f(x) (iff(x)∈ {0,1}andy= 0s) 1 (iff(x) =∗ andy∈Lx) 0 (otherwise)
for any (x, y)∈Ztm×Zsm.
The idea is as follows: Let us imagine how a minimumDNF◦MODmcircuitCcomputing glooks like. We need to coverg−1(1) by as few affine subspaces as possible. Note thatg−1(1) consists of two parts: {(x,0s)} for eachx∈f−1(1), and{x} ×Lx for eachx∈f−1(∗). In order to cover the latter one, it is likely that we need to use the affine subspace{x} ×Lx
itself for eachx∈ f−1(∗); indeed, since each Lx is a random linear subspace, under our constraints with high probability there is no affine subspace which simultaneously covers (a large fraction of) two random affine subspaces{x} ×Lx and{x0} ×Lx0 forx6=x0∈f−1(∗) (Claim 21 below). Therefore, the minimum circuit C should contain a subcircuit which accepts{x} ×Lxfor eachx∈f−1(∗). Now it remains to cover{(x,0s)}for eachx∈f−1(1), but here we can optionally cover {(x,0s)} for each x ∈ f−1(∗) (which has been already covered by{x} ×Lx). This is exactly the same situation as (DNF◦MODm)-MCSP∗; thus with high probability we haveDNFMODm(g) =DNFMODm(f) +|f−1(∗)|. Details follow.
IClaim 17. DNFMODm(g)≤DNFMODm(f) +|f−1(∗)|.
Proof. Suppose that aDNF◦MODmcircuitC=WK
k=1Ckcomputesf. For eachx∗∈f−1(∗), take anAND◦MODmformulaCx∗ such thatCx−1∗(1) ={x∗} ×Lx∗ (by Lemma 2). Define C0(x, y) :=WK
k=1(Ck(x)∧(y1= 0)∧ · · · ∧(ys= 0))∨W
x∗∈f−1(∗)Cx∗(x, y). It is easy to see thatC0(x, y) =g(x, y) for any (x, y)∈Ztm×Zsm. J In order to prove the other direction, let us clarify the desired condition for random linear spaces. We require that (Lx)x∈f−1(∗) is pairwise “disjoint” and that each Lx is nondegenerated.
IDefinition 18. We say that (Lx)x∈f−1(∗) isscattered if|Lx|=mr andLx∩Lx0 ={0s} for any distinctx, x0 ∈f−1(∗).
It is easy to prove that the collection of random linear spaces satisfies the condition above.
IClaim 19. (Lx)x∈f−1(∗) is scattered with probability at least 12, provided that s ≥(2r+ 2t) logm+ 2.
Proof. We first bound the probability that (Lx)x∈f−1(∗)is not pairwise disjoint.
Pr
Lx∩Lx0 6={0s} for some distinctx, x0∈f−1(∗)
≤ X
x6=x0∈f−1(∗)
Pr [Lx∩Lx0 6={0s}]
≤ X
x6=x0∈f−1(∗)
Pr
" r X
i=1
civix=
r
X
i=1
divxi0 for some nonzero (ci)i∈[r],(di)i∈[r]
#
< m2t·m2r·2−s ≤ 1 4,
where, in the last line, we used the fact that the probability thatPr
i=1civxi =Pr
i=1divix0 is at most 2−sfor nonzero (i.e. ci 6= 0, dj6= 0 for somei, j∈[r]) coefficients (ci)i∈[r],(di)i∈[r].6
Next, we bound the probability that |Lx|< mr. Indeed, Pr
|Lx|< mr for somex∈f−1(∗)
≤ X
x∈f−1(∗)
Pr
" r X
i=1
civxi = 0s for some nonzero (ci)i∈[r]
#
≤mt·mr·2−s ≤ 1 4.
Overall, the probability that (Lx)x∈f−1(∗) is not scattered is less than 14+14 = 12. J Note that the condition of being scattered can be checked in polynomial time. Indeed, for eachx∈f−1(∗), one can enumerate all the elements of Lx, which are at most polynomially many in the input sizemO(t). Thus, our zero-error randomized reduction picks random linear subspaces (Lx)x∈f−1(∗) until we obtain a scattered collection of linear subspaces.
In the rest of the proof, we can thus assume that (Lx)x∈f−1(∗)is scattered. The next claim gives the reverse inequality of Claim 17.
IClaim 20. DNFMODm(g)≥DNFMODm(f) +|f−1(∗)|if (Lx)x∈f−1(∗)is scattered.
Let C = WK
k=1Ck be a minimum DNF◦MODm circuit computing g. (In particular, K = DNFMODm(g) ≤ DNFMODm(f) +|f−1(∗)| ≤ mt+1.) For each x ∈ f−1(∗), we first extract a subcircuitCl(x) that covers (a large fraction of) the random linear subspaceLx. Let l(x)∈[K] be one of the indices such that |Cl(x)−1(1)∩({x} ×Lx)| is maximized. That is, Cl(x) covers the largest fraction of the affine subspace {x} ×Lx; in particular, since S
k∈[K]Ck−1(1)⊇ {x} ×Lx, there are at least|Lx|/K =mr/K≥mr−t−1≥2
points in the setCl(x)−1(1)∩({x} ×Lx). Intuitively, the subcircuits{Cl(x)|x∈f−1(∗)} are supposed to cover random linear subspaces, and the rest of the subcircuits computesf.
To make the intuition formal, we will prove the following two claims. The first asserts that, under our constraints, no affine subspace can cover a large fraction of two distinct random linear subspaces.
IClaim 21. l:f−1(∗)→[K] is injective.
The second claim asserts that, if an affine subspace Cl(x−10)(1) covers a large fraction of {x0} ×Lx0, then it cannot cover a point (x,0s) such thatf(x) = 1.
IClaim 22. Cl(x0)(x,0s) = 0for any x∈f−1(1)andx0∈f−1(∗).
Assuming these two claims, it is easy to prove Claim 20.
Proof of Claim 20. For each k ∈ [K], define an AND◦MODm circuit Ck0 as Ck0(x) :=
Ck(x,0s) on input x∈Ztm. Define a DNF◦MODm circuit C0 :=W
k∈[K]\ {l(x)|f(x)=∗ }Ck0. By Claim 21, the number of subcircuits in C0 isK− |f−1(∗)|.
We claim thatC0 computesf. Indeed, for anyx∈f−1(1), we haveC(x,0s) =g(x,0s) = f(x) = 1; hence, there is somek∈[K] such thatCk(x,0s) = 1, which implies thatCk0(x) = 1 by the definition ofCk0. Claim 22 impliesk6∈ {l(x0)|f(x0) =∗ }; thusC0(x) = 1. On the other hand, for anyx∈f−1(0), we haveC(x,0s) =g(x,0s) =f(x) = 0; in particular, for anyk∈[K],Ck(x,0s) = 0. ThusCk0(x) = 0 for anyk∈[K], which impliesC0(x) = 0. J
6 Note that any equationax=b(modm) witha6= 0 is satisfied with probability≤1/2 over a random choice ofx.
C C C 2 0 1 8
It remains to prove Claims 21 and 22. We prove the latter fist.
Proof of Claim 22. Assume, by way of a contradiction, that Cl(x0)(x,0s) = 1 for some x∈f−1(1) andx0∈f−1(∗). By the definition ofl(x0), there are at least 2 distinct points (x0, a) and (x0, b) inCl(x−10)(1)∩({x0} ×Lx0). SinceCl(x−10)(1) is an affine subspace, we have (x0, a)−(x0, b) + (x,0s) = (x, a−b)∈Cl(x−10)(1) (as in the proof of Claim 11). It follows that C(x, a−b) = 1. SinceC computesg, we also haveg(x, a−b) = 1, which contradicts the fact
thata−b6= 0sand the definition of g. J
Proof of Claim 21. Assume that l(x1) = l(x2) =: k for distinct inputs x1, x2 ∈ f−1(∗).
Take any 2 distinct points (x1, a) and (x1, b) from Ck−1(1)∩({x1} ×Lx1) and any point (x2, c) from Ck−1(1)∩({x2} ×Lx2). SinceCk−1(1) is an affine subspace, we have (x1, a)− (x1, b) + (x2, c) = (x2, a−b+c)∈Ck−1(1). We also have (x2, a−b+c)∈ {x2} ×Lx2, since Ck−1(1)∩({x2} ×Zsm)⊆g−1(1)∩({x2} ×Zsm) ={x2} ×Lx2. Therefore,a−b+c∈Lx2. Sincec∈Lx2 and this is a linear subspace, it follows that a−b∈Lx2. On the other hand, by the definition of aandb, we have 0s 6=a−b ∈ Lx1. However, this is a contradiction
because 0s6=a−b∈Lx1∩Lx2={0s}. J
Proof of Theorem 16. By Claims 17 and 20, we obtain DNFMODm(g) = DNFMODm(f) +
|f−1(∗)|for a scattered collection (Lx)x∈f−1(∗). Since s=O(tlogm), the truth table ofg is of lengthmt+s=mO(tlogm), which is a polynomial in the input length for every constant m≥2. Finally, since it is possible to check whether (Lx)x∈f−1(∗)is scattered in polynomial
time, the reduction is zero-error. J
On our proof strategy and the restriction to functions over boolean inputs (m >
2). The linear-algebraic and probabilistic techniques employed here naturally suggest to view a set of inputs for the input instance f as a subset of the algebraic structure Znm(a vector space or module, depending onm). In order to establish a similar NP-hardness result with respect to functions on the hypercube and AND-OR-MODmcircuits, one is tempted to encode elements from the structure Znm as binary strings, and to consider a bijection ϕ:Znm↔Γ⊆ {0,1}∗ between vectors and binary strings. However, a binary encoding allows a bottom-layer modular gate to access individual bits of this encoding, and as a consequence, this gate might accept a setA ⊆ {0,1}∗ that does not correspond under ϕ to the set of solutions of a modular equation overZm. When this is the case, our argument no longer works.
Another natural approach would be to restrict the input function to boolean inputs, and to directly view such inputs as elements in{0,1}n⊆Znm. Here certain technical difficulties are transferred to our probabilistic analysis involving affine subspaces ofZnm, and it is not immediately clear to us how to modify the argument in this case.
For these reasons, when m > 2 our techniques do not seem to be directly applicable to functions defined over boolean inputs only, and a more complicated argument might be necessary. Note however that this does not exclude the existence of different and potentially simpler reductions among these and other intermediary problems.
4 Derandomization and Pseudorandom Generators for AND ◦ MOD
mIn this section, we present a unified way of efficiently derandomizing the zero-error reductions of Section 3. The crucial idea is that certainsubconditionsof being nice or scattered can be checked byAND◦MODmcircuits overZnm; hence, a pseudorandom generator forAND◦MODm
circuits can be used to derandomize the reductions.