De-randomizing BPP: the state of the art

The introduction of randomization into efficient computation has been one of the most fertile and useful ideas in computer science. In cryptography and asynchronous computing, randomization makes possible tasks that are impossible to perform deterministically. Even for function computation, many examples are known in which randomization allows considerable savings in resources like space and time over deterministic algorithms, or even "only" simplifies them. But to what extent is this seeming power of randomness over determinism real? The most famous concrete version of this question regards the power of BPP, the class of problems solvable by probabilistic polynomial time algorithms making small constant error. What is the relative power of such algorithms compared to deterministic ones? This is largely open. On the one hand, it is possible that P=BPP, i.e., randomness is useless for solving new problems in polynomial-time. On the other, we might have BPP=EXP, which would say that randomness would be a nearly omnipotent tool for algorithm design. The only viable path towards resolving this problem was the concept of "pseudorandom generators", and the "hardness vs. randomness" paradigm: BPP can be nontrivially simulated by deterministic algorithms, if some hard function is available. While the hard functions above needed in fact to be one-way functions, completely different pseudo-random generators allowed the use of any hard function in EXP for such nontrivial simulation. Further progress considerably weakened the hardness requirement, and considerably strengthened the deterministic simulation.

[1]  Manuel Blum,et al.  How to generate cryptographically strong sequences of pseudo random bits , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[2]  Andrew Chi-Chih Yao,et al.  Theory and application of trapdoor functions , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[3]  Dieter van Melkebeek,et al.  Graph nonisomorphism has subexponential size proofs unless the polynomial-time hierarchy collapses , 1999, STOC '99.

[4]  Luca Trevisan,et al.  Construction of extractors using pseudo-random generators (extended abstract) , 1999, STOC '99.

[5]  Noam Nisan,et al.  BPP has subexponential time simulations unlessEXPTIME has publishable proofs , 1991, [1991] Proceedings of the Sixth Annual Structure in Complexity Theory Conference.

[6]  Noam Nisan,et al.  Pseudorandom bits for constant depth circuits , 1991, Comb..

[7]  José D. P. Rolim,et al.  Hitting Properties of Hard Boolean Operators and their Consequences on BPP , 1996, Electron. Colloquium Comput. Complex..

[8]  Luca Trevisan,et al.  Pseudorandom generators without the XOR Lemma , 1999, Electron. Colloquium Comput. Complex..

[9]  José D. P. Rolim,et al.  Hitting Sets Derandomize BPP , 1996, ICALP.

[10]  Noam Nisan,et al.  Hardness vs. randomness , 1988, [Proceedings 1988] 29th Annual Symposium on Foundations of Computer Science.

[11]  Adi Shamir,et al.  On the Generation of Cryptographically Strong Pseudo-Random Sequences , 1981, ICALP.

[12]  Avi Wigderson,et al.  Randomness vs. time: de-randomization under a uniform assumption , 1998, Proceedings 39th Annual Symposium on Foundations of Computer Science (Cat. No.98CB36280).

[13]  Oded Goldreich,et al.  Modern Cryptography, Probabilistic Proofs and Pseudorandomness , 1998, Algorithms and Combinatorics.