On Pseudorandom Generators with Linear Stretch in NC0

Abstract. We consider the question of constructing cryptographic pseudorandom generators (PRGs) in NC0, namely ones in which each bit of the output depends on just a constant number of input bits. Previous constructions of such PRGs were limited to stretching a seed of n bits to n + o(n) bits. This leaves open the existence of a PRG with a linear (let alone superlinear) stretch in NC0. In this work we study this question and obtain the following main results:

1. We show that the existence of a linear-stretch PRG in NC0 implies non-trivial hardness of approximation results without relying on PCP machinery. In particular, it implies that Max3SAT is hard to approximate to within some multiplicative constant.

2. We construct a linear-stretch PRG in NC0 under a specific intractability assumption related to the hardness of decoding “sparsely generated” linear codes. Such an assumption was previously conjectured by Alekhnovich (FOCS 2003).
