Abstract
We consider the question of constructing pseudorandom generators that simultaneously have linear circuit complexity (in the output length), exponential security (in the seed length), and a large stretch (linear or polynomial in the seed length). We refer to such a pseudorandom generator as an asymptotically optimal PRG. We present a simple construction of an asymptotically optimal PRG from any one-way function $f:\{0,1\}^n \to \{0,1\}^n$ which satisfies the following requirements:

1. $f$ can be computed by linear-size circuits;
2. $f$ is $2^{\beta n}$-hard to invert, for some constant $\beta>0$;
3. $f$ either has high entropy, in the sense that the min-entropy of $f(x)$ on a random input $x$ is at least $\gamma n$ where $\beta/3+\gamma>1$, or alternatively it is regular in the sense that the preimage size of every output of $f$ is fixed.

Known constructions of PRGs from one-way functions can do without the entropy or regularity requirements, but they achieve slightly sub-exponential security (Vadhan and Zheng (2012) [27]). Our construction relies on a technical result about hardcore functions that may be of independent interest. We obtain a family of hardcore functions $H=\{h:\{0,1\}^n \to \{0,1\}^{\alpha n}\}$ that can be computed by linear-size circuits for any $2^{\beta n}$-hard one-way function $f:\{0,1\}^n \to \{0,1\}^n$ where $\beta>3\alpha$. Our construction of asymptotically optimal PRGs uses such hardcore functions, which are obtained via linear-size computable affine hash functions (Ishai et al. (2008) [24]).
Original language | English |
---|---|
Pages (from-to) | 50-63 |
Number of pages | 14 |
Journal | Theoretical Computer Science |
Volume | 554 |
Issue number | C |
State | Published - 2014 |
Keywords
- Circuit complexity
- Cryptography
- One-way functions
- Pseudorandom generators
ASJC Scopus subject areas
- Theoretical Computer Science
- General Computer Science