Cryptographic hardness of distribution-specific learning

We investigate cryptographic lower bounds on the learnability of Boolean formulas and constant depth circuits on the {niform distribution and other specifi; distributions. We first show that weakly learning Boolean formulas and constant depth threshold circuits with membership queries on the uniform distribution in polynomial time is as hard as factoring Blum integers (or inverting RSA, or deciding 1? quadratic residuosity . We formalize the notion of a trivially learnable distri ution and extend these hardness results to all non-trivial distributions. Moreover, we show that under appropriate assumptions on the hardness of factoring, the learnability of Boolean formulas and constant depth threshold circuits on any distribution is characterized by the distribution’s Renyi entropy. Furthermore, we show that a sub-exponential lower bound for factoring implies a Q(2’Og@ ‘‘) lower bound (for some constant ~) for learning Boolean circuits of depth d on the uniform distribution (with membership queries), which matches the upper bound of Linial, M ansour, and Nisan [19]. From this we conclude that, assuming such a lower bou-nd for factoring, there is no O(npOLy 10gn ) algorithm to learn all of ACO on the uniform distribution. We observe that, under cryptographic assumptions, all our bounds can be used to establish trade~trs between the running time and the number of samples necessary to learn.

[1]  W. Leveque Fundamentals of number theory , 1977 .

[2]  Larry Carter,et al.  Universal Classes of Hash Functions , 1979, J. Comput. Syst. Sci..

[3]  Leslie G. Valiant,et al.  A theory of the learnable , 1984, STOC '84.

[4]  Vijay V. Vazirani,et al.  Efficient and Secure Pseudo-Random Number Generation (Extended Abstract) , 1984, FOCS.

[5]  Uzi Vishkin,et al.  Constant Depth Reducibility , 1984, SIAM J. Comput..

[6]  Stephen A. Cook,et al.  Log Depth Circuits for Division and Related Problems , 1986, SIAM J. Comput..

[7]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[8]  Manuel Blum,et al.  A Simple Unpredictable Pseudo-Random Number Generator , 1986, SIAM J. Comput..

[9]  Dana Angluin,et al.  Learning Regular Sets from Queries and Counterexamples , 1987, Inf. Comput..

[10]  J. Håstad Computational limitations of small-depth circuits , 1987 .

[11]  Oded Goldreich,et al.  RSA and Rabin Functions: Certain Parts are as Hard as the Whole , 1988, SIAM J. Comput..

[12]  M. Kearns,et al.  Crytographic limitations on learning Boolean formulae and finite automata , 1989, STOC '89.

[13]  Leonid A. Levin,et al.  Pseudo-random generation from one-way functions , 1989, STOC '89.

[14]  Robert E. Schapire,et al.  The Strength of Weak Learnability , 1989, 30th Annual Symposium on Foundations of Computer Science.

[15]  Leonid A. Levin,et al.  A hard-core predicate for all one-way functions , 1989, STOC '89.

[16]  Leonard Pitt,et al.  Prediction-Preserving Reducibility , 1990, J. Comput. Syst. Sci..

[17]  Dana Angluin,et al.  When won't membership queries help? , 1991, STOC '91.

[18]  Sean W. Smith,et al.  Improved learning of AC0 functions , 1991, COLT '91.

[19]  Yishay Mansour,et al.  An O(nlog log n) learning algorithm for DNF under the uniform distribution , 1992, COLT '92.

[20]  J. Reif,et al.  On Threshold Circuits and Polynomial Computation , 1992, SIAM J. Comput..

[21]  Michael Kharitonov,et al.  Cryptographic lower bounds for learnability of Boolean functions on the uniform distribution , 1992, COLT '92.

[22]  Noam Nisan,et al.  Constant depth circuits, Fourier transform, and learnability , 1993, JACM.

[23]  Leslie G. Valiant,et al.  Cryptographic Limitations on Learning Boolean Formulae and Finite Automata , 1993, Machine Learning: From Theory to Applications.

[24]  Avrim Blum Separating Distribution-Free and Mistake-Bound Learning Models over the Boolean Domain , 1994, SIAM J. Comput..