On the complexity of powering in finite fields

We study the complexity of computing the k<sup>th</sup> power of an element of F<sub>2<sup>n</sup></sub> by constant-depth arithmetic circuits over F<sub>2</sub> (also known as AC<sup>0</sup>(⊕)). Our study encompasses the complexity of basic arithmetic operations such as computing cube roots and computing cubic residuosity of elements of F<sub>2<sup>n</sup></sub>. Our main result is that these problems require exponential-size circuits. We also derive strong average-case versions of these results. For example, we show that no subexponential-size, constant-depth arithmetic circuit over F<sub>2</sub> can correctly compute the cubic residue symbol for more than a 1/3 + o(1) fraction of the elements of F<sub>2<sup>n</sup></sub>. As a corollary, we deduce a character sum bound showing that the cubic residue character over F<sub>2<sup>n</sup></sub> is uncorrelated with all degree-d n-variate F<sub>2</sub> polynomials (viewed as functions over F<sub>2<sup>n</sup></sub> in a natural way), provided d ≤ n<sup>ε</sup> for some universal ε > 0. Classical methods (based on van der Corput differencing and the Weil bounds) show this only for d ≤ log(n). Our proof revisits the classical Razborov-Smolensky method for circuit lower bounds and executes an analogue of it in the land of univariate polynomials over F<sub>2<sup>n</sup></sub>. The tools we use come from both F<sub>2<sup>n</sup></sub> and F<sub>2</sub><sup>n</sup>. In recent years, this interplay between F<sub>2<sup>n</sup></sub> and F<sub>2</sub><sup>n</sup> has played an important role in many results in pseudorandomness, property testing and coding theory.
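To make the object of the abstract concrete, the following added example (not code from the paper) computes the cubic residue character over F<sub>2<sup>n</sup></sub> for n = 8 by exponentiation to the power (2<sup>n</sup> − 1)/3, and tabulates how often each of its three values occurs; the field is represented modulo the constructed choice x<sup>8</sup> + x<sup>4</sup> + x<sup>3</sup> + x + 1, and the function names are this example's own.

```python
# Added example: arithmetic in F_{2^n} for n = 8 and the cubic residue character
# chi(x) = x^((2^n - 1)/3). The character is defined when 3 divides 2^n - 1,
# i.e. when n is even. Constructed modulus: x^8 + x^4 + x^3 + x + 1 (0x11B),
# irreducible over F_2.
N = 8
MOD = 0x11B

def gf_mul(a, b):
    """Multiply two field elements given as N-bit integers (bit i = coefficient of x^i)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a >> N:        # degree reached N: reduce modulo the defining polynomial
            a ^= MOD
    return r

def gf_pow(a, e):
    """Square-and-multiply exponentiation in F_{2^N}."""
    r = 1
    while e:
        if e & 1:
            r = gf_mul(r, a)
        a = gf_mul(a, a)
        e >>= 1
    return r

def cubic_residue_char(x):
    """chi(x) = x^((2^N - 1)/3): a cube root of unity, equal to 1 iff x is a nonzero cube."""
    return gf_pow(x, (2**N - 1) // 3)

def is_cubic_residue(x):
    return x != 0 and cubic_residue_char(x) == 1

def character_distribution():
    """Count, over all nonzero x, how often each of the three values of chi appears."""
    counts = {}
    for x in range(1, 2**N):
        c = cubic_residue_char(x)
        counts[c] = counts.get(c, 0) + 1
    return counts
```

The three values of chi are equidistributed, so a constant guess is right on exactly a 1/3 fraction of inputs; the abstract's bound says small constant-depth circuits over F<sub>2</sub> cannot beat that by more than o(1).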
