Oracle machine

From Wikipedia, the free encyclopedia

In complexity theory and computability theory, an oracle machine is an abstract machine used to study decision problems. It can be visualized as a Turing machine with a black box, called an oracle, which is able to decide certain decision problems in a single operation. The problem can be of any complexity class. Even undecidable problems, like the halting problem, can be used.

[edit] Definition

An oracle machine is a Turing machine connected to an oracle. The oracle, in this context, is thought of as an entity capable of answering some collection of questions, and usually represented as some subset A of the natural numbers. Intuitively then, the Turing machine can perform all of the usual operations of a Turing machine, and can also query the oracle for an answer to a specific question of the form "is x in A?" There are several different definitions of an oracle machine, all of which are equivalent in the sense that they agree on when a specific function f can be computed by an oracle machine with oracle A. The following is a description of one particular definition.

An oracle machine, like a Turing machine, includes a work tape: a sequence of cells without beginning or end, each of which may contain a B (for blank) or a 1; a read/write head, which rests on a single cell of the work tape and can read the data there, write new data, and move left or right along the tape; and a control mechanism, which can be in one of a finite number of states, and which will perform different actions (reading data, writing data, moving the control mechanism, and changing states) depending on the current state and the data being read. In addition to these components, an oracle machine also includes an oracle tape, on which is printed an infinite sequence of B's and 1's corresponding to the characteristic function of the oracle set A, and an oracle head, which (like the read/write head) can move left or right along the oracle tape reading data, but which cannot write.

[edit] Formal definition

An oracle Turing machine is a 4-tuple $M= \langle Q, \delta, q_0, F \rangle$ where

$Q$ is a finite set of states
$\delta: Q \times \{B,1\}^2 \rightarrow Q \times \{B,1\} \times \{L,R\}^2$ is a partial function called the transition function, where L is left shift, R is right shift.
$q_0 \in Q$ is the initial state
$F \subseteq Q$ is the set of halting states.

The oracle machine is initialized with the work tape containing some input with finitely many 1's and the rest of the tape blank, the oracle tape containing the characteristic function of the oracle, A, and the Turing machine in state q₀ with read/write head reading the first nonblank cell of the work tape, and oracle head reading the cell of the oracle tape which corresponds to $χ A (0)$ . Thereafter it operates according to $δ$ : if the Turing machine is currently in state q, the read/write head is reading a symbol S₁, and the oracle head is reading S₂, then if $δ(q, S 1, S 2) = (q', S 1', D 1, D 2)$ , the machine enters state $q'$ , the read/write head writes the symbol S₁' in place of S₁, and then the read/write head moves 1 cell in direction D₁ and the oracle head moves one cell in direction D₂. At this point if $q'$ is a halting state, the machine halts, otherwise it repeats this same procedure.

Turing machines can compute functions as follows: if f is a function that takes natural numbers to natural numbers, M^A is a Turing machine with oracle A, and whenever M^A is initialized with the work tape consisting of n+1 consecutive 1's (and blank elsewhere) M^A eventually halts with f(n) 1's on the tape, M^A is said to compute the function f. A similar definition can be made for functions of more than one variable, or partial functions.

If there is an oracle machine M that computes a function f with oracle A, f is said to be A-computable. If f is the characteristic function of a set B, B is also said to be A-computable, and M is said to be a Turing reduction from B to A.

[edit] Complexity classes of oracle machines

The complexity class of decision problems solvable by an algorithm in class A with an oracle for a problem in class B is written A^B. For example, the class of problems solvable in polynomial time by a deterministic Turing machine with an oracle for a problem in NP is P^NP. (This is also the class of problems reducible by polynomial-time Turing reduction to a problem in NP.)

It is obvious that NP ⊆ P^NP, but the question of whether NP^NP, P^NP, NP, and P are equal remains open. See polynomial hierarchy for further extensions.

The notation A^B also means the class of problems solvable by an algorithm in class A with an oracle for the language B. For example, P^SAT is the class of problems solvable in polynomial time by a deterministic Turing machine with an oracle for the Boolean satisfiability problem. When language B is complete for some class C, then A^B=A^C. In particular, since SAT is NP-complete, P^SAT=P^NP. Note that this assumes that the machine used in the definition of the class A is powerful enough to execute the reductions used in the completeness definition of the class C; for example, if A = DSPACE(1), A^SAT does not necessarily equal A^NP.

Oracle machines are useful for investigating the relationship between complexity classes P and NP, by considering the relationship between P^A and NP^A for an oracle A. In particular, it has been shown that there exist languages A and B such that P^A=NP^A and P^B≠NP^B (Baker, Gill, Solovay, 1975). The fact that the P=NP question relativizes both ways is taken as evidence that answering this question will be difficult, because any proof technique that relativizes (i.e., is unaffected by the addition of an oracle) will not answer the P=NP question.

It is interesting to consider the case where an oracle is chosen randomly from among all possible oracles. It has been shown that if oracle A is chosen randomly, then with probability 1, P^A≠NP^A (Bennett, Gill, 1981). When a question is true for almost all oracles, it is said to be true for a random oracle. This is sometimes taken as evidence that P≠NP. Unfortunately, a statement may be true for a random oracle and false for ordinary Turing machines at the same time; for example for almost all oracles A, IP^A≠PSPACE^A, while IP = PSPACE.^[1]

[edit] Oracles and halting problems

It is possible to posit the existence of an oracle which computes a non-computable function, such as the answer to the halting problem or some equivalent. A machine with an oracle of this sort is a hypercomputer.

Interestingly, the halting paradox still applies to such machines; that is, although they can determine whether particular Turing machines will halt on particular inputs, they cannot determine whether machines with equivalent halting oracles will themselves halt. This fact creates a hierarchy of machines, called the arithmetical hierarchy, each with a more powerful halting oracle and an even harder halting problem.

[edit] Applications to cryptography

In cryptography, oracles are sometimes used to make arguments for the security of cryptographic protocols where (typically) a hash function is used. A security reduction for the protocol is given in the case where, instead of a hash function, a random oracle is used which answers each query randomly but consistently; the oracle is assumed to be available to all parties including the attacker, just as a hash function is. Such a proof shows that unless the attacker can solve the hard problem at the heart of the security reduction, they must make use of some interesting property of the hash function to break the protocol; they cannot treat the hash function as a black box (i.e., as a random oracle). This method has been very effective in giving good reductions for the security of efficient protocols, but its validity is sometimes challenged in the cryptographic community since computable functions are inherently very different from random oracles. See random oracle for more details.

[edit] See also

[edit] Bibliography

Alan Turing, Systems of logic based on ordinals, Proc. London math. soc., 45, 1939
C. Papadimitriou. Computational Complexity. Addison-Wesley, 1994. Section 14.3: Oracles, pp. 339 – 343.
T. P. Baker, J. Gill, R. Solovay. Relativizations of the P =? NP Question. SIAM Journal on Computing, 4(4): 431-442 (1975)
C. H. Bennett, J. Gill. Relative to a Random Oracle A, P^A != NP^A != co-NP^A with Probability 1. SIAM Journal on Computing, 10(1): 96-113 (1981)
Michael Sipser (1997). Introduction to the Theory of Computation. PWS Publishing. ISBN 0-534-94728-X. Section 9.2: Relativization, pp.318 – 321.
Martin Davis, editor: The Undecidable, Basic Papers on Undecidable Propositions, Unsolvable Problems And Computable Functions, Raven Press, New York, 1965. Turing's paper is in this volume. Papers include those by Godel, Church, Rosser, Kleene, and Post.

[edit] References

^ Richard Chang, Benny Chor, Oded Goldreich, Juris Hartmanis, Johan Hastad, Desh Ranjan, Pankaj Rohatgi. The Random Oracle Hypothesis is False. Journal of Computer and System Sciences, volume 49, issue 1, pp.24–39. August 1994. ISSN 0022-0000. http://citeseer.ist.psu.edu/282397.html

[0] Richard Chang, Benny Chor, Oded Goldreich, Juris Hartmanis, Johan Hastad, Desh Ranjan, Pankaj Rohatgi. The Random Oracle Hypothesis is False. Journal of Computer and System Sciences, volume 49, issue 1, pp.24–39. August 1994. ISSN 0022-0000. http://citeseer.ist.psu.edu/282397.html

[1]

Oracle machine

From Wikipedia, the free encyclopedia

Contents

[edit] Definition

[edit] Formal definition

[edit] Complexity classes of oracle machines

[edit] Oracles and halting problems

[edit] Applications to cryptography

[edit] See also

[edit] Bibliography

[edit] References

Views

Personal tools

Navigation

Search

Interaction

Toolbox

Languages