On Pseudorandom Generators with Linear Stretch in NC0

We consider the question of constructing cryptographic pseudorandom generators (PRGs) in NC0, namely ones in which each bit of the output depends on just a constant number of input bits. Previous constructions of such PRGs were limited to stretching a seed of n bits to n + o(n) bits. This leaves open the existence of a PRG with a linear (let alone superlinear) stretch in NC0. In this work we study this question and obtain the following main results:

1. We show that the existence of a linear-stretch PRG in NC0 implies non-trivial hardness of approximation results without relying on PCP machinery. In particular, that Max 3SAT is hard to approximate to within some constant.

2. We construct a linear-stretch PRG in NC0 under a specific intractability assumption related to the hardness of decoding “sparsely generated” linear codes. Such an assumption was previously conjectured by Alekhnovich [1].

We note that Alekhnovich directly obtains hardness of approximation results from the latter assumption. Thus, we do not prove hardness of approximation under new concrete assumptions. However, our first result is motivated by the hope to prove hardness of approximation under more general or standard cryptographic assumptions, and the second result is independently motivated by cryptographic applications.

[1] Moni Naor, et al. Number-theoretic constructions of efficient pseudo-random functions, 2004, JACM.

[2] Amnon Ta-Shma, et al. Loss-less condensers, unbalanced expanders, and extractors, 2001, STOC '01.

[3] Jaikumar Radhakrishnan, et al. Tight bounds for depth-two superconcentrators, 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[4] Avi Wigderson, et al. Computational Analogues of Entropy, 2003, RANDOM-APPROX.

[5] Amir Shpilka. Constructions of Low-Degree and Error-Correcting ε-Biased Generators, 2006, Computational Complexity Conference.

[6] Noga Alon, et al. Random Cayley Graphs and Expanders, 1994, Random Struct. Algorithms.

[7] U. Vazirani. Randomness, adversaries and computation (random polynomial time), 1986.

[8] Oded Goldreich, et al. Candidate One-Way Functions Based on Expander Graphs, 2000, Studies in Complexity and Cryptography.

[9] Oded Goldreich, et al. Foundations of Cryptography: Basic Tools, 2000.

[10] Oded Goldreich. Foundations of Cryptography: Index, 2001.

[11] Hugo Krawczyk, et al. On the Existence of Pseudorandom Generators, 1993, SIAM J. Comput.

[12] Eli Ben-Sasson, et al. Randomness-efficient low degree tests and short PCPs via epsilon-biased sets, 2003, STOC '03.

[13] Moni Naor, et al. Bit commitment using pseudorandomness, 2004, Journal of Cryptology.

[14] Emanuele Viola, et al. On constructing parallel pseudorandom generators from one-way functions, 2005, 20th Annual IEEE Conference on Computational Complexity (CCC'05).

[15] Uriel Feige, et al. Resolution lower bounds for the weak pigeon hole principle, 2002, Proceedings 17th IEEE Annual Conference on Computational Complexity.

[16] Sanjeev Arora, et al. Probabilistic checking of proofs: a new characterization of NP, 1998, JACM.

[17] Mihalis Yannakakis, et al. Optimization, approximation, and complexity classes, 1991, STOC '88.

[18] Peter Bro Miltersen, et al. On Pseudorandom Generators in NC, 2001, MFCS.

[19] Leonid A. Levin, et al. A Pseudorandom Generator from any One-way Function, 1999, SIAM J. Comput.

[20] Manuel Blum, et al. How to generate cryptographically strong sequences of pseudo random bits, 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[21] Oded Goldreich, et al. Tiny Families of Functions with Random Properties: A Quality-Size Trade-off for Hashing (Preliminary Version), 1997, STOC 1994.

[22] Amit Sahai, et al. A complete problem for statistical zero knowledge, 2003.

[23] Andrew Chi-Chih Yao, et al. Theory and application of trapdoor functions, 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[24] Jaikumar Radhakrishnan, et al. Bounds for Dispersers, Extractors, and Depth-Two Superconcentrators, 2000, SIAM J. Discret. Math.

[25] Avi Wigderson, et al. Randomness conductors and constant-degree lossless expanders, 2002, STOC '02.

[26] Carsten Lund, et al. Proof verification and the hardness of approximation problems, 1998, JACM.

[27] Moni Naor, et al. Small-Bias Probability Spaces: Efficient Constructions and Applications, 1993, SIAM J. Comput.

[28] Elchanan Mossel, et al. On ε-biased generators in NC0, 2006, Random Struct. Algorithms.

[29] Richard J. Lipton, et al. Cryptographic Primitives Based on Hard Learning Problems, 1993, CRYPTO.

[30] Oded Goldreich, et al. Foundations of Cryptography: List of Figures, 2001.

[31] Yuval Ishai, et al. Cryptography in NC0, 2004, SIAM J. Comput.

[32] Noga Alon, et al. A Fast and Simple Randomized Parallel Algorithm for the Maximal Independent Set Problem, 1985, J. Algorithms.

[33] Luca Trevisan, et al. On ε-Biased Generators in NC0, 2003, FOCS.

[34] Yevgeniy Dodis, et al. Correcting errors without leaking partial information, 2005, STOC '05.