On the Complexity of Non-adaptively Increasing the Stretch of Pseudorandom Generators
نویسندگان
چکیده
We study the complexity of black-box constructions of linearstretch pseudorandom generators starting from a 1-bit stretch oracle generator G. We show that there is no construction which makes nonadaptive queries to G and then just outputs bits of the answers. The result extends to constructions that both work in the non-uniform setting and are only black-box in the primitive G (not the proof of correctness), in the sense that any such construction implies NP/poly 6= P/poly. We then argue that not much more can be obtained using our techniques: via a modification of an argument of Reingold, Trevisan, and Vadhan (TCC ’04), we prove in the non-uniform setting that there is a construction which only treats the primitive G as black-box, has polynomial stretch, makes non-adaptive queries to the oracle G, and outputs an affine function (i.e., parity or its complement) of the oracle query answers.
منابع مشابه
On Pseudorandom Generators in NC
In this paper we consider the question of whether NC circuits can generate pseudorandom distributions. While we leave the general question unanswered, we show • Generators computed by NC circuits where each output bit depends on at most 3 input bits (i.e, NC03 circuits) and with stretch factor greater than 4 are not pseudorandom. • A large class of “non-problematic” NC generators with superline...
متن کاملLimits on the Stretch of Non-adaptive Constructions of Pseudo-Random Generators
The standard approach for constructing a large-stretch pseudorandom generator given a one-way permutation or given a smaller-stretch pseudo-random generator involves repeatedly composing the given primitive with itself. In this paper, we consider whether this approach is necessary, that is, whether there are constructions that do not involve composition. More formally, we consider black-box con...
متن کاملCOS598D Lecture 3 Pseudorandom generators from one-way functions
In this lecture we prove the existence of pseudorandom-generators assuming that one-way functions exist (Hastad, Impagliazzo, Levin and Luby '99). Our proof is with respect to non-uniform security. We also sketch the uniform case which requires a uniform version of Impagliazzo's hardcore set lemma that uses ideas from learning theory. We briefly recall some standard notions from cryptography. F...
متن کاملTwo Comments on Targeted Canonical Derandomizers
We revisit the notion of a targeted canonical derandomizer, introduced in our recent ECCC Report (TR10-135) as a uniform notion of a pseudorandom generator that suffices for yielding BPP = P . The original notion was derived (as a variant of the standard notion of a canonical derandomizer) by providing both the distinguisher and the generator with the same auxiliaryinput. Here we take one step ...
متن کاملCryptanalysis of Pseudorandom Generators
As a motivating application for the study of lattice in cryptography we consider the construction of pseudorandom generators. We recall that a pseudorandom generator is a program G(x) (computable in deterministic polynomial time) that maps bitstrings x ∈ {0, 1} to longer strings G(x) ∈ {0, 1} such that, if x is chosen uniformly at random and kept secret, then the output G(x) will “look” random ...
متن کامل