Reducing the number of phone books in PCP (smart random linear combinations)
(Ingredient 5 of 5 in the PCP overview.)
We saw in our toy PCP protocol that we can combine all the equations from Quad-SAT into a single one by taking a random linear combination. Our goal is to improve this by taking a “random-looking” combination that still has the same property an assignment failing even one of the equations is going to fail the collated equation with probability close to .
It turns out there is actually a well-developed theory of how to take the “random-looking” linear combination, and it comes from the study of error-correcting codes. We will use this to show that if is large enough, one can do this with only combinations. That’s much better than the we had before.
The construction here comes from Reed–Solomon codes, which are based on the simple fact that a (one-variable) polynomial of degree at most is determined by its values at points. So if I tell you the values at more than points, there is guaranteed to be some redundancy between them.
Linear combinations from polynomials
Again, let’s suppose we have quadratic equations in variables. Actually, each is a quadratic function of variables, and the equations say that for every .
Consider the linear combinations
for . (A note for the experts: We can take any distinct values for – the specific values don’t matter. So if , we can go up to a larger finite field that contains , and choose values of .)
If you look at it as a function of , the linear combination is a polynomial of degree (at most) . Since a nonzero polynomial of degree has at most roots, one of the following two things has to happen.
- Either all the ’s are zero (so the system is satisfied),
- or at least 99% of the ’s are nonzero.
Now we can cut the phone books down to phone books, one for each value of . The verifier chooses a at random, finds the phone book with on its cover, and then the protocol proceeds as before.