How to prove that $$ is in $\mathsf{NP} \setminus \mathsf{P}?$

Question

Suppose that there exists a function $:\{0,1\}^ → \{0,1\}^$ such that, is computable in polynomial time; and the following task cannot be computed in polynomial time (that is, there are $ ∈ \{0,1\}^$, for which, it cannot be computed efficiently): Given $ = ()$, find any $\hat{}∈ \{0,1\}^$ such that $(\hat{}) = .$

Define the language, $$ = \{(, ) | ∃\hat{} ∈ \{0,1\}^ \text{ such that } (\hat{}) = \text{ and } \hat{} < \}.$$ The comparison $<$ is with respect to the integers of which $\hat{}, $ are the respective binary representations (in general, $$ is viewed as a map from integers to integers).

Is the language $$ is in $\mathsf{NP}\setminus \mathsf{P}?$

My approach:

1. Guess a candidate $\hat{x}∈\{0,1\}^n$

2. Verify that $f(\hat{x})=y.$ Since is computable in polynomial time, we can compute $f(\hat{x})$ and check if it equals in polynomial time.

3. Verify that $\hat{x}<z$ .Comparing two -bit integers can be done in polynomial time as well.

Thus, a nondeterministic Turing machine can guess $\hat{x}$ and verify both conditions in polynomial time, which implies that $L \in \mathsf{NP}.$

If my $\mathsf{NP}$ logic is right, how can I show $L$ isn't in $\mathsf{P}$? Or any other way to show $$ is in $\mathsf{NP}\setminus \mathsf{P}?$

Answer 1

Following the hints provided by @poncho, let us assume that $L \in \mathsf{P}$. This implies the existence of a polynomial time algorithm $A$ that, given an input $(y, z)$ can decide whether $(y, z) \in L$. We will show that there is a polynomial time algorithm $B$ (that uses $A$) that can invert $f$, i.e., given $y$, find a $\hat{x}$ such that $f(\hat{x}) = y$. This would imply that $f$ is easy to invert which is not the case, hence $L \notin \mathsf{P}$.

The algorithm $B$ essentially performs a binary search to find a preimage $\hat{x}$ such that $f(\hat{x}) = y$ using $A$ as follows. It first checks whether $f(2^n - 1) = y$ (i.e., whether the largest $n$-bit integer is a preimage). If the condition passes, $B$ output $2^n-1$. Otherwise, it checks if $A(y, 2^n - 1) = 1$. If this condition also fails, $B$ output $\bot$ (i.e., there does not exist a preimage). These initial checks are crucial because if the only preimage is $2^n−1$, it cannot be found solely using $A$, since $(y,z) \in L$ only guarantees the existence of an $x$ strictly smaller than $z$ as a preimage of $y$.

Now, if the second check passes, it means that there is a preimage in the range $[0, 2^n-1)$. $B$ will use binary search to find a preimage. $B$ first checks whether $f(2^{n-1}) = y$. If so, it outputs $2^{n-1}$. If not, it checks whether $A(y, 2^{n-1}) = 1$. If this check passes, then $B$ will do a binary search in the range $[0, 2^{n-1})$. Otherwise, it will do a binary search in the range $(2^{n-1}, 2^n-1)$.

It is easy to see that the algorithm $B$ terminates in $O(n)$ steps and the correctness is quite straight-forward.

Answer 2

Your demonstration that $L \in NP$ is correct

how can I show $L$ isn't in $P$?

Show the converse. Assume that $L \in P$; that is, there is a polytime algorithm algorithm to compute $L$ on any input.

How could you use that to, given $ = ()$, find a $\hat{}∈ \{0,1\}^$ such that $(\hat{}) = $ in polynomial time?