Chapter

Algebraic Algorithms for Variants of Subset Sum

Authors:
To read the full-text of this research, you can request a copy directly from the authors.

Abstract

Given (a1,,an,t)Z0n+1(a_1, \dots , a_n, t) \in \mathbb {Z}_{\ge 0}^{n + 1}, the Subset Sum problem (SSUM\mathsf {SSUM}) is to decide whether there exists S[n]S \subseteq [n] such that iSai=t\sum _{i \in S} a_i = t. Bellman (1957) gave a pseudopolynomial time dynamic programming algorithm which solves the Subset Sum in O(nt) time and O(t) space.In this work, we present search algorithms for variants of the Subset Sum problem. Our algorithms are parameterized by k, which is a given upper bound on the number of realisable sets (i.e. number of solutions, summing exactly t). We show that SSUM\mathsf {SSUM} with a unique solution is already NP\mathsf {NP}-hard, under randomized reduction. This makes the regime of parametrized algorithms, in terms of k, very interesting.Subsequently, we present an O~(k(n+t))\tilde{O}(k\cdot (n+t)) time deterministic algorithm, which finds the hamming weight of all the realisable sets for a subset sum instance. We also give a poly(knt){\mathsf {poly}}(knt)-time and O(log(knt))O(\log (knt))-space deterministic algorithm that finds all the realisable sets for a subset sum instance. Our algorithms use analytic and number-theoretic techniques. KeywordsSubset sumPower seriesIsolation lemmaHamming weightInterpolationLogspaceNewton’s identities

No full-text available

Request Full-text Paper PDF

To read the full-text of this research,
you can request a copy directly from the authors.

... As another direction for future research, we consider the use of exact Subset Sum or Partition algorithms parameterized by a concentration parameter β, as described in [4,5], where they solve the decision version of Subset Sum. See also [17] for a use of this parameter under a pseudopolynomial setting. It would be interesting to investigate whether analogous arguments could be used to solve the optimization version. ...
Article
Full-text available
We present a new FPTAS for the Subset Sum Ratio problem, which, given a set of integers, asks for two disjoint subsets such that the ratio of their sums is as close to 1 as possible. Our scheme makes use of exact and approximate algorithms for Partition, and clearly showcases the close relationship between the two algorithmic problems. Depending on the relationship between the size of the input set n and the error margin εε\varepsilon , we improve upon the best currently known algorithm of Melissinos and Pagourtzis [COCOON 2018] of complexity O(n4/ε)O(n4/ε)\mathcal {O} (n^4 / \varepsilon ). In particular, the exponent of n in our proposed scheme may decrease down to 2, depending on the Partition algorithm used.
Chapter
Given positive integers a1,…,an and a target integer t, the SubsetProduct problem asks to determine whether there exists a subset S⊆[n] such that ∏i∈Sai=t. It differs from the Subset Sum problem where the multiplication operation is replaced by addition. There is a pseudopolynomial-time dynamic programming algorithm which solves the SubsetProduct in O(nt) time and Ω(t) space. In this paper, we present a simple and elegant randomized algorithm for SubsetProduct in O~(n+to(1)) expected-time. Moreover, we also present a poly(nt) time and O(log2(nt)) space deterministic algorithm. In fact, we solve a more general problem called the SimulSubsetSum. This problem was introduced by Kane 2010. Given k instances of Subset Sum, it asks to decide whether there is a ‘common’ solution to all the instances. Kane gave a logspace algorithm for this problem. We show a polynomial-time reduction from SubsetProduct to SimulSubsetSum and also give efficient algorithm for the latter. Our algorithms use multivariate FFT, power series and number-theoretic techniques, introduced by Jin and Wu (SOSA 2019) and Kane (2010).
Article
Full-text available
Article
Full-text available
Given a (multi) set S of n positive integers and a target integer u , the subset sum problem is to decide if there is a subset of S that sums up to u . We present a series of new algorithms that compute and return all the realizable subset sums up to the integer u in Õ(min { √ n u , u 5/4 ,σ }), where σ is the sum of all elements of S and Õ hides polylogarithmic factors. We also present a modified algorithm for integers modulo m , which computes all the realizable subset sums modulo m in Õ(min { √ n m , m 5/4 }) time. Our contributions improve upon the standard dynamic programming algorithm that runs in O ( nu ) time. To the best of our knowledge, the new algorithms are the fastest deterministic algorithms for this problem. The new results can be employed in various algorithmic problems, from graph bipartition to computational social choice. Finally, we also improve a result on covering Z m , which might be of independent interest.
Article
Full-text available
We obtain a new bound of certain double multiplicative character sums. We use this bound together with some other previously obtained results to obtain new algorithms for finding roots of polynomials modulo a prime p.
Conference Paper
Full-text available
The Subset Sum and Knapsack problems are fundamental NP-complete problems and the pseudo-polynomial time dynamic programming algorithms for them appear in every algorithms textbook. The algorithms require pseudo-polynomial time and space. Since we do not expect polynomial time algorithms for Subset Sum and Knapsack to exist, a very natural question is whether they can be solved in pseudo-polynomial time and polynomial space. In this paper we answer this question affirmatively, and give the first pseudo-polynomial time, polynomial space algorithms for these problems. Our approach is based on algebraic methods and turns out to be useful for several other problems as well. Then we show how the framework yields polynomial space exact algorithms for the classical Traveling Salesman, Weighted Set Cover and Weighted Steiner Tree problems as well. Our algorithms match the time bound of the best known pseudo-polynomial space algorithms for these problems.
Article
Full-text available
We present a deterministic polynomial-time algorithm that determines whether an input number n is prime or composite. The problem of distinguishing prime numbers from composite numbers and of resolving the latter into their prime factors is known to be one of the most important and useful in arithmetic. It has engaged the industry and wisdom of ancient and modern geometers to such an extent that it would be superuous to discuss the problem at length... Further, the dignity of the science itself seems to require that every possible means be explored for the solution of a problem so elegant and so celebrated." - Karl Friedrich Gauss, Disquisitiones Arithmeticae, 1801 (translation from [Knu98]) 1
Article
Dylan M. McKay and Richard Ryan Williams. We define a model of size-S R-way branching programs with oracles that can make up to S distinct oracle queries over all of their possible inputs, and generalize a lower bound proof strategy of Beame [SICOMP 1991] to apply in the case of random oracles. Through a series of succinct reductions, we prove that the following problems require randomized algorithms where the product of running time and space usage must be Ω(n2/poly(log n)) to obtain correct answers with constant nonzero probability, even for algorithms with constant-time access to a uniform random oracle (i.e., a uniform random hash function): ▬ Given an unordered list L of n elements from [n] (possibly with repeated elements), output [n] − L. ▬ Counting satisfying assignments to a given 2CNF, and printing any satisfying assignment to a given 3CNF. Note it is a major open problem to prove a time-space product lower bound of n2−o(1) for the decision version of SAT, or even for the decision problem Majority-SAT. ▬ Printing the truth table of a given CNF formula F with k inputs and n = O(2k) clauses, with values printed in lexicographical order (i.e., F(0k), F(0k−11), . . ., F(1k)). Thus we have a 4k/poly(k) lower bound in this case. ▬ Evaluating a circuit with n inputs and O(n) outputs. As our lower bounds are based on R-way branching programs, they hold for any reasonable model of computation (e.g. log-word RAMs and multitape Turing machines).
Chapter
We propose two heuristic polynomial memory collision finding algorithms for the low Hamming weight discrete logarithm problem in any abelian group G. The first one is a direct adaptation of the Becker-Coron-Joux (BCJ) algorithm for subset sum to the discrete logarithm setting. The second one significantly improves on this adaptation for all possible weights using a more involved application of the representation technique together with some new Markov chain analysis. In contrast to other low weight discrete logarithm algorithms, our second algorithm’s time complexity interpolates to Pollard’s G12|G|^{\frac{1}{2}} bound for general discrete logarithm instances.
Article
Given a set Z of n positive integers and a target value t, the Subset Sum problem asks whether any subset of Z sums to t. A textbook pseudopolynomial time algorithm by Bellman from 1957 solves Subset Sum in time O(nt). This has been improved to O(nmaxZ)O(n \max Z) by Pisinger [J. Algorithms'99] and recently to O~(nt)\tilde O(\sqrt{n} t) by Koiliaris and Xu [SODA'17]. Here we present a simple and elegant randomized algorithm running in time O~(n+t)\tilde O(n+t). This improves upon a classic algorithm and is likely to be near-optimal, since it matches conditional lower bounds from Set Cover and k-Clique. We then use our new algorithm and additional tricks to improve the best known polynomial space solution from time O~(n3t)\tilde O(n^3 t) and space O~(n2)\tilde O(n^2) to time O~(nt)\tilde O(nt) and space O~(nlogt)\tilde O(n \log t), assuming the Extended Riemann Hypothesis. Unconditionally, we obtain time O~(nt1+ε)\tilde O(n t^{1+\varepsilon}) and space O~(ntε)\tilde O(n t^\varepsilon) for any constant ε>0\varepsilon > 0.
Chapter
We construct a public-key encryption (PKE) scheme whose security is polynomial-time equivalent to the hardness of the Subset Sum problem. Our scheme achieves the standard notion of indistinguishability against chosen-ciphertext attacks (IND-CCA) and can be used to encrypt messages of arbitrary polynomial length, improving upon a previous construction by Lyubashevsky, Palacio, and Segev (TCC 2010) which achieved only the weaker notion of semantic security (IND-CPA) and whose concrete security decreases with the length of the message being encrypted. At the core of our construction is a trapdoor technique which originates in the work of Micciancio and Peikert (Eurocrypt 2012).
Conference Paper
This paper introduces a subset-sum algorithm with heuristic asymptotic cost exponent below 0.25. The new algorithm combines the 2010 Howgrave-Graham-Joux subset-sum algorithm with a new streamlined data structure for quantum walks on Johnson graphs.
Article
One of the first concepts one meets in elementary number theory is that of the multiplicative order. We give a survey of the literature on this topic emphasizing the Artin primitive root conjecture (1927). The first part of the survey is intended for a rather general audience and rather colloquial, whereas the second part is intended for number theorists and ends with several open problems. The contributions in the survey on `elliptic Artin' are due to Alina Cojocaru. Wojciec Gajda wrote a section on `Artin for K-theory of number fields,' and Hester Graves (together with me) on `Artin's conjecture and Euclidean domains.'
Book
Computer algebra systems are now ubiquitous in all areas of science and engineering. This highly successful textbook, widely regarded as the 'bible of computer algebra', gives a thorough introduction to the algorithmic basis of the mathematical engine in computer algebra systems. Designed to accompany one- or two-semester courses for advanced undergraduate or graduate students in computer science or mathematics, its comprehensiveness and reliability has also made it an essential reference for professionals in the area. Special features include: detailed study of algorithms including time analysis; implementation reports on several topics; complete proofs of the mathematical underpinnings; and a wide variety of applications (among others, in chemistry, coding theory, cryptography, computational logic, and the design of calendars and musical scales). A great deal of historical information and illustration enlivens the text. In this third edition, errors have been corrected and much of the Fast Euclidean Algorithm chapter has been renovated.
Article
We present a new algorithm for finding a maximum matching in a general graph. The special feature of our algorithm is that its only computationally non-trivial step is the inversion of a single integer matrix. Since this step can be parallelized, we get a simple parallel (RNC 2) algorithm. At the heart of our algorithm lies a probabilistic lemma, the isolating lemma. We show other applications of this lemma to parallel computation and randomized reductions.
Conference Paper
We propose a semantically-secure public-key encryption scheme whose security is polynomial-time equivalent to the hardness of solving random instances of the subset sum problem. The subset sum assumption required for the security of our scheme is weaker than that of existing subset-sum based encryption schemes, namely the lattice-based schemes of Ajtai and Dwork (STOC’97), Regev (STOC’03, STOC’05), and Peikert (STOC’09). Additionally, our proof of security is simple and direct. We also present a natural variant of our scheme that is secure against key-leakage attacks, and an oblivious transfer protocol that is secure against semi-honest adversaries.
Article
Constant-depth polynomial-size threshold circuits are usually classified according to their total depth. For example, the best known threshold circuits for iterated multiplication and division have depths four and three, respectively. In this paper, the complexity of threshold circuits is investigated from a different point of view: explicit AND, OR gates are allowed in the circuits, and a threshold circuit is said to have majority-depthdif no path traverses more thandthreshold gates. It is then shown that iterated multiplication can be computed by polynomial-size threshold circuits of total depth five but of majority-depth three. Circuits of depth four and majority-depth two are obtained for division and powering. These results rely on a careful implementation of iterated addition and Chinese remaindering. In addition, a simple symbolic calculus for composing circuit classes is developed: this notation allows for a concise and elegant presentation of the results.
Article
We present a new deterministic algorithm for factoring polynomials over Zp of degree n. We show that the worst-case running time of our algorithm is , which is faster than the running times of previous determi nistic algorithms with respect to both n and p. We also show that our algorithm runs in polynomial time for all but at most an exponentially small fraction of the polynomials of degree n over Zp. Specifically, we prove that the fraction of polynomials of degree n over Zp for which our algorithm fails to halt in time O((log p)2n2+∈) is ((n log p)2/p). Consequently, the average-case running time of our algorithm is polynomial in n and log p.
Article
A new technique called balancing is presented for the solution of Knapsack Problems. It is proved that an optimal solution to the Knapsack Problem is balanced, and thus only balanced feasible solutions need to be enumerated in order to solve the problem to optimality. Restricting a dynamic programming algorithm to only consider balanced states implies that the Subset-sum Problem, 0–1 Knapsack Problem, Multiple-choice Subset-sum Problem, and Bounded Knapsack Problem all are solvable in linear time, provided that the weights and profits are bounded by a constant. Extensive computational experiments are presented to document that the derived algorithm for the Subset-sum Problem is able to solve several problems from the literature which could not be solved previously.
Article
We show that in any finite field q a primitive root can be found in time .
Article
We present a simple Logspace algorithm that solves the Unary Subset-Sum problem.
Article
We present a randomized polynomial time algorithm to determine if a multivariate polynomial is zero using O(log mn) random bits where n is the number of variables, m is the number of monomials, and is the total degree of the unknown polynomial. All other known randomized identity tests (see for example [CK97, LV98, AB99]) use n) random bits even when the polynomial is sparse and has low total degree. In such cases our algorithm has an exponential savings in randomness. In addition, we obtain the first polynomial time algorithm for interpolating sparse polynomials over finite fields of large characteristic. Our approach uses an error correcting code combined with the randomness optimal isolation lemma of [CRS95] and yields a generalized isolation lemma which works with respect to a set of linear forms over a base set. 0 1 Introduction Many well known problems in algorithms and complexity reduce to the polynomial identity testing problem: given a multivariate polynomial p(x...
Article
Let a be a positive integer greater than 1, and Q_a(x;k,j) be the set of primes p less than x such that the residual order of a(mod p) is congruent to j modulo k. In this paper, the natural densities of Q_a(x;4,j) (j=0,1,2,3) are considered. We assume a is square-free and a is congruent to 1 (mod 4). Then, for j=0, 2, we can prove unconditionally that their natural densities are equal to 1/3. On the contrary, for j=1, 3, we assume Generalized Riemann Hypothesis, then we can prove that their densities are equal to 1/6.
Computers and Intractability. A Guide to the Theory of
  • H R Lewis
Dynamic Programming (1957) Google Scholar
  • R E Bellman