The constructions presented in the above paper use a finite field which is either GF(2") or GF( p) for some prime p. The constructions are presented assuming that one has a representation of the field (i.e., an irreducible polynomial of degree m or the prime p , respectively). Such representations could be found, with overwhelmingly high probability, in probabilistic polynomial-time (in m or I P I , respectively). The paper contained some remarks indicating how to achieve this goal using only a linear number of unbiased coin tosses. However, in retrospect we feel that some more details should be given. For uniformity of exposition, we denote by m the logarithm (to base 2) of the size of the required field. The field representations in both cases can be encoded by strings of length m. Furthermore, in both cases about a fraction of all m-bit long strings are valid representations, and one can efficiently determine whether a string is a valid representation. Hence, selecting a valid representation can be done by selecting candidates at random until a valid one is found. As indicated in the paper, to save on randomness, we use an efficient sampling which in turn uses a construction of a sequence of pairwise independent variables, each uniformly distributed in (0, l}". The problem which arises is that the standard constructions of such pairwise independent sequences use a field of similar cardinality (i.e., with at least 2"' elements), and hence we need a representation for this field, which brings us to a circular argument. The solution is to use the known pairwise independent constructions in a slightly less straightforward manner. Specifically, suppose we need to generate a t-long sequence of pairwise independent m-bit strings (e.g., in the above application t = O(rn)). The idea is to 1 m