The Parity Problem in the Presence of Noise, Decoding Random Linear Codes, and the Subset Sum Problem

(Extended Abstract)
  • Vadim Lyubashevsky
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3624)


In [2], Blum et al. demonstrated the first sub-exponential algorithm for learning the parity function in the presence of noise. They solved the length-n parity problem in time 2 O(n/log n) but it required the availability of 2 O(n/log n) labeled examples. As an open problem, they asked whether there exists a 2 o(n) algorithm for the length-n parity problem that uses only poly(n) labeled examples. In this work, we provide a positive answer to this question. We show that there is an algorithm that solves the length-n parity problem in time 2 O(n/loglog n) using n 1 + ε labeled examples. This result immediately gives us a sub-exponential algorithm for decoding n × n 1 + ε random binary linear codes (i.e. codes where the messages are n bits and the codewords are n 1 + ε bits) in the presence of random noise. We are also able to extend the same techniques to provide a sub-exponential algorithm for dense instances of the random subset sum problem.


Hash Function Linear Code Parity Function Random Element Parity Problem 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ajtai, M.: Generating hard instances of lattice problems. In: Proc. 28th Annual Symposium on Theory of Computing, pp. 99–108 (1996)Google Scholar
  2. 2.
    Blum, A., Kalai, A., Wasserman, H.: Noise-tolerant learning, the parity problem, and the statistical query model. JACM 50(4), 506–519 (2003)CrossRefMathSciNetGoogle Scholar
  3. 3.
    Flaxman, A., Przydatek, B.: Solving medium-density subset sum problems in expected polynomial time. In: Diekert, V., Durand, B. (eds.) STACS 2005. LNCS, vol. 3404, pp. 305–314. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  4. 4.
    Frieze, A.: On the Lagarias-Odlyzko algorithm for the subset sum problem. SIAM J. Comput. 15, 536–539 (1986)zbMATHCrossRefMathSciNetGoogle Scholar
  5. 5.
    Goldreich, O., Levin, L.A.: Hard-core predicates for any one-way function. In: Proc. 21st Annual Symposium on Theory of Computing, pp. 25–32 (1989)Google Scholar
  6. 6.
    Impagliazzo, R., Naor, M.: Efficient cryptographic schemes provably as secure as subset sum. Journal of Cryptology 9(4), 199–216 (1996)zbMATHCrossRefMathSciNetGoogle Scholar
  7. 7.
    Impagliazzo, R., Zuckerman, D.: How to recycle random bits. In: Proc. 30th Annual Symposium on Foundations of Computer Science, pp. 248–253 (1989)Google Scholar
  8. 8.
    Lagarias, J.C., Odlyzko, A.M.: Solving low density subset sum problems. J. of the ACM 32, 229–246 (1985)zbMATHCrossRefMathSciNetGoogle Scholar
  9. 9.
    Lyubashevsky, V.: On random high density subset sums, Technical Report TR05-007, Electronic Coloquium on Computational Complexity, ECCC (2005)Google Scholar
  10. 10.
    Micciancio, D., Regev, O.: Worst-case to average-case reductions based on gaussian measure. In: Proc. 45th Annual Symposium on Foundations of Computer Science, pp. 372–381 (2004)Google Scholar
  11. 11.
    Schroeppel, R., Shamir, A.: A T = O(2(n/2)), S = O(2(n/4)) algorithm for certain NP-complete problems. SIAM J. Comput. 10, 456–464 (1981)zbMATHCrossRefMathSciNetGoogle Scholar
  12. 12.
    Shoup, V.: A Computational Introduction to Number Theory and Algebra. Cambridge University Press, Cambridge (2005)zbMATHGoogle Scholar
  13. 13.
    Wagner, D.: A generalized birthday problem. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 288–303. Springer, Heidelberg (2002)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Vadim Lyubashevsky
    • 1
  1. 1.University of California at San DiegoLa JollaUSA

Personalised recommendations