Extractors Using Hardness Amplification
نویسندگان
چکیده
Zimand [24] presented simple constructions of locally computable strong extractors whose analysis relies on the direct product theorem for one-way functions and on the Blum-Micali-Yao generator. For N -bit sources of entropy γN , his extractor has seed O(logN) and extracts N random bits. We show that his construction can be analyzed based solely on the direct product theorem for general functions. Using the direct product theorem of Impagliazzo et al. [6], we show that Zimand’s construction can extract Ω̃γ(N ) random bits. (As in Zimand’s construction, the seed length is O(logN) bits.) We also show that a simplified construction can be analyzed based solely on the XOR lemma. Using Levin’s proof of the XOR lemma [8], we provide an alternative simpler construction of a locally computable extractor with seed length O(logN) and output length Ω̃γ(N ). Finally, we show that the derandomized direct product theorem of Impagliazzo and Wigderson [7] can be used to derive a locally computable extractor construction with O(logN) seed length and Ω̃(N) output length. Zimand describes a construction with O(logN) seed length and O(2 √ logN ) output length.
منابع مشابه
Extractors and Pseudorandom generators using the hard core lemma
We present a construction of an extractor based exclusively on hardness amplification which extracts from sources with (some) polynomially small min-entropy. This improves upon a similar construction of the author with Trevisan ([DT09]) both in terms of the entropy rate and seed length. The extractor in [DT09] could extract from N -bit sources with entropy γN (for γ > 0) using a seed of length ...
متن کاملHardness vs. Randomness within Alternating Time
We study the complexity of building pseudorandom generators (PRGs) with logarithmic seed length from hard functions. We show that, starting from a function f : {0, 1} → {0, 1} that is mildly hard on average, i.e. every circuit of size 2 fails to compute f on at least a 1/poly(l) fraction of inputs, we can build a PRG : {0, 1} n) → {0, 1} computable in ATIME (O(1), log n) = alternating time O(lo...
متن کاملOn the Possibilities and Limitations of Computational Fuzzy Extractors
We present positive and negative results of fuzzy extractors with computational security. As a negative result, we show that, under a certain computational condition, the existence of a computational fuzzy extractor implies the existence of an information-theoretic fuzzy extractor with slightly weaker parameters. The condition is that the generation procedure of the fuzzy extractor is efficient...
متن کاملOn the Limitations of Computational Fuzzy Extractors
We present a negative result of fuzzy extractors with computational security. Specifically, we show that, under a certain computational condition, the existence of a computational fuzzy extractor implies the existence of an information-theoretic fuzzy extractor with slightly weaker parameters. The condition is that the generation procedure of the fuzzy extractor is efficiently invertible by an ...
متن کاملComputational Fuzzy Extractors
Fuzzy extractors derive strong keys from noisy sources. Their security is defined informationtheoretically, which limits the length of the derived key, sometimes making it too short to be useful. We ask whether it is possible to obtain longer keys by considering computational security, and show the following. • Negative Result: Noise tolerance in fuzzy extractors is usually achieved using an in...
متن کامل