On Pseudorandom Generators in NC
نویسندگان
چکیده
In this paper we consider the question of whether NC circuits can generate pseudorandom distributions. While we leave the general question unanswered, we show • Generators computed by NC circuits where each output bit depends on at most 3 input bits (i.e, NC03 circuits) and with stretch factor greater than 4 are not pseudorandom. • A large class of “non-problematic” NC generators with superlinear stretch (including all NC03 generators with superlinear stretch) are broken by a statistical test based on a linear dependency test combined with a pairwise independence test. • There is an NC04 generator with a super-linear stretch that passes the linear dependency test as well as k-wise independence tests, for any constant k.
منابع مشابه
On Pseudorandom Generators with Linear Stretch in NC
We consider the question of constructing cryptographic pseudorandom generators (PRGs) in NC, namely ones in which each bit of the output depends on just a constant number of input bits. Previous constructions of such PRGs were limited to stretching a seed of n bits to n + o(n) bits. This leaves open the existence of a PRG with a linear (let alone superlinear) stretch in NC. In this work we stud...
متن کاملOn the Existence of Pseudorandom Generators
Pseudorandom generators [BM, Y] are efficient deterministic programs that expand a randomly selected k-bit seed into a much longer pseudorandom bit sequence which is indistinguishable in polynomial-time from a sequence of unbiased coin tosses. Thus, pseudorandom sequences can replace truly random sequences in all practical (i.e. polynomial-time) applications. Pseudorandom generators are known t...
متن کاملCryptography in Nc
We study the parallel time-complexity of basic cryptographic primitives such as one-way functions (OWFs) and pseudorandom generators (PRGs). Specifically, we study the possibility of implementing instances of these primitives by NC functions, namely by functions in which each output bit depends on a constant number of input bits. Despite previous efforts in this direction, there has been no con...
متن کاملOn ε-Biased Generators in NC
Cryan and Miltersen [8] recently considered the question of whether there can be a pseudorandom generator in NC, that is, a pseudorandom generator that maps n-bit strings to m-bit strings such that every bit of the output depends on a constant number k of bits of the seed. They show that for k = 3, if m ≥ 4n + 1, there is a distinguisher; in fact, they show that in this case it is possible to b...
متن کاملLecture 17: Pseudorandom Generators Based on Scribe Notes
As we have seen, one way to resolve this question in the positive is to use the following two-step process: First show that the number of random bits for any BPP algorithm can be reduced from nc to O(log n), and then eliminate the randomness entirely by enumeration. Thus, we would like to have a function G : {0, 1}O(log n) → {0, 1}nc that stretches a seed of O(log n) truly random bits into nc b...
متن کامل