Randomness vs. time: de-randomization under a uniform assumption

We prove that if BPP/spl ne/EXP, then every problem in BPP can be solved deterministically in subexponential time on almost every input (on every samplable ensemble for infinitely many input sizes). This is the first derandomization result for BPP based on uniform, noncryptographic hardness assumptions. It implies the following gap in the average-instance complexities of problems in BPP: either these complexities are always sub-exponential or they contain arbitrarily large exponential functions. We use a construction of a small "pseudorandom" set of strings from a "hard function" in EXP which is identical to that used in the analogous non-uniform results described previously. However, previous proofs of correctness assume the "hard function" is not in P/poly. They give a non-constructive argument that a circuit distinguishing the pseudo-random strings from truly random strings implies that a similarly-sized circuit exists computing the "hard function". Our main technical contribution is to show that, if the "hard function" has certain properties, then this argument can be made constructive. We then show that, assuming ESP/spl sube/P/poly, there are EXP-complete functions with these properties.

[1]  Noam Nisan,et al.  Hardness vs Randomness , 1994, J. Comput. Syst. Sci..

[2]  Seinosuke Toda On the computational power of PP and (+)P , 1989, 30th Annual Symposium on Foundations of Computer Science.

[3]  Noam Nisan,et al.  Pseudorandom bits for constant depth circuits , 1991, Comb..

[4]  Noam Nisan,et al.  On Yao's XOR-Lemma , 1995, Electron. Colloquium Comput. Complex..

[5]  Leonid A. Levin,et al.  A hard-core predicate for all one-way functions , 1989, STOC '89.

[6]  Silvio Micali,et al.  Probabilistic Encryption , 1984, J. Comput. Syst. Sci..

[7]  Joan Feigenbaum,et al.  Hiding Instances in Multioracle Queries , 1990, STACS.

[8]  Hugo Krawczyk,et al.  On the Existence of Pseudorandom Generators , 1993, SIAM J. Comput..

[9]  Richard J. Lipton,et al.  New Directions In Testing , 1989, Distributed Computing And Cryptography.

[10]  Noam Nisan,et al.  BPP has subexponential time simulations unlessEXPTIME has publishable proofs , 1991, [1991] Proceedings of the Sixth Annual Structure in Complexity Theory Conference.

[11]  Russell Impagliazzo,et al.  Hard-core distributions for somewhat hard problems , 1995, Proceedings of IEEE 36th Annual Foundations of Computer Science.

[12]  Leonid A. Levin,et al.  One-way functions and pseudorandom generators , 1985, STOC '85.

[13]  Manuel Blum,et al.  How to generate cryptographically strong sequences of pseudo random bits , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[14]  Andrew Chi-Chih Yao,et al.  Theory and application of trapdoor functions , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[15]  Johan Hstad,et al.  Construction of a pseudo-random generator from any one-way function , 1989 .

[16]  Leonid A. Levin,et al.  Average Case Complete Problems , 1986, SIAM J. Comput..

[17]  Michael Luby,et al.  Pseudorandomness and cryptographic applications , 1996, Princeton computer science notes.

[18]  José D. P. Rolim,et al.  Hitting Properties of Hard Boolean Operators and their Consequences on BPP , 1996, Electron. Colloquium Comput. Complex..

[19]  Carsten Lund,et al.  Nondeterministic exponential time has two-prover interactive protocols , 1990, Proceedings [1990] 31st Annual Symposium on Foundations of Computer Science.

[20]  Adi Shamir,et al.  On the generation of cryptographically strong pseudorandom sequences , 1981, TOCS.

[21]  José D. P. Rolim,et al.  Hitting Sets Derandomize BPP , 1996, ICALP.

[22]  Manuel Blum,et al.  How to Generate Cryptographically Strong Sequences of Pseudo Random Bits , 1982, FOCS.

[23]  Adi Shamir,et al.  On the Generation of Cryptographically Strong Pseudo-Random Sequences , 1981, ICALP.