On pseudorandom generators with linear stretch in NC0

Benny Applebaum; Yuval Ishai; Eyal Kushilevitz

doi:10.1007/s00037-007-0237-6

On pseudorandom generators with linear stretch in NC⁰

Benny Applebaum, Yuval Ishai, Eyal Kushilevitz

Computer Science

Research output: Contribution to journal › Article › peer-review

40 Scopus citations

Abstract

We consider the question of constructing cryptographic pseudorandom generators (PRGs) in NC⁰, namely ones in which each bit of the output depends on just a constant number of input bits. Previous constructions of such PRGs were limited to stretching a seed of n bits to n + o(n) bits. This leaves open the existence of a PRG with a linear (let alone superlinear) stretch in NC⁰. In this work we study this question and obtain the following main results: 1. We show that the existence of a linear-stretch PRG in NC ⁰ implies non-trivial hardness of approximation results without relying on PCP machinery. In particular, it implies that Max3SAT is hard to approximate to within some multiplicative constant. 2. We construct a linear-stretch PRG in NC⁰ under a specific intractability assumption related to the hardness of decoding "sparsely generated" linear codes. Such an assumption was previously conjectured by Alekhnovich (FOCS 2003).

Original language	English
Pages (from-to)	38-69
Number of pages	32
Journal	Computational Complexity
Volume	17
Issue number	1
DOIs	https://doi.org/10.1007/s00037-007-0237-6
State	Published - Apr 2008

Keywords

Constant depth circuits
Cryptography
Pseudorandom generators
nc0

ASJC Scopus subject areas

Theoretical Computer Science
General Mathematics
Computational Theory and Mathematics
Computational Mathematics

Access to Document

10.1007/s00037-007-0237-6

Cite this

@article{02e03035b41041ed811e2698a5e9e12d,

title = "On pseudorandom generators with linear stretch in NC0",

abstract = "We consider the question of constructing cryptographic pseudorandom generators (PRGs) in NC0, namely ones in which each bit of the output depends on just a constant number of input bits. Previous constructions of such PRGs were limited to stretching a seed of n bits to n + o(n) bits. This leaves open the existence of a PRG with a linear (let alone superlinear) stretch in NC0. In this work we study this question and obtain the following main results: 1. We show that the existence of a linear-stretch PRG in NC 0 implies non-trivial hardness of approximation results without relying on PCP machinery. In particular, it implies that Max3SAT is hard to approximate to within some multiplicative constant. 2. We construct a linear-stretch PRG in NC0 under a specific intractability assumption related to the hardness of decoding {"}sparsely generated{"} linear codes. Such an assumption was previously conjectured by Alekhnovich (FOCS 2003).",

keywords = "Constant depth circuits, Cryptography, Pseudorandom generators, nc0",

author = "Benny Applebaum and Yuval Ishai and Eyal Kushilevitz",

note = "Funding Information: We thank Eli Ben-Sasson, Amir Shpilka and Amnon Ta-Shma for helpful discussions. WealsothankOdedGoldreichformanyusefulsuggestionswhichim-proved the presentation of this paper. Research supported by grants 1310/06 and 36/03 from the Israel Science Foundation.",

year = "2008",

month = apr,

doi = "10.1007/s00037-007-0237-6",

language = "אנגלית",

volume = "17",

pages = "38--69",

number = "1",

}

TY - JOUR

T1 - On pseudorandom generators with linear stretch in NC0

AU - Applebaum, Benny

AU - Ishai, Yuval

AU - Kushilevitz, Eyal

N1 - Funding Information: We thank Eli Ben-Sasson, Amir Shpilka and Amnon Ta-Shma for helpful discussions. WealsothankOdedGoldreichformanyusefulsuggestionswhichim-proved the presentation of this paper. Research supported by grants 1310/06 and 36/03 from the Israel Science Foundation.

PY - 2008/4

Y1 - 2008/4

N2 - We consider the question of constructing cryptographic pseudorandom generators (PRGs) in NC0, namely ones in which each bit of the output depends on just a constant number of input bits. Previous constructions of such PRGs were limited to stretching a seed of n bits to n + o(n) bits. This leaves open the existence of a PRG with a linear (let alone superlinear) stretch in NC0. In this work we study this question and obtain the following main results: 1. We show that the existence of a linear-stretch PRG in NC 0 implies non-trivial hardness of approximation results without relying on PCP machinery. In particular, it implies that Max3SAT is hard to approximate to within some multiplicative constant. 2. We construct a linear-stretch PRG in NC0 under a specific intractability assumption related to the hardness of decoding "sparsely generated" linear codes. Such an assumption was previously conjectured by Alekhnovich (FOCS 2003).

AB - We consider the question of constructing cryptographic pseudorandom generators (PRGs) in NC0, namely ones in which each bit of the output depends on just a constant number of input bits. Previous constructions of such PRGs were limited to stretching a seed of n bits to n + o(n) bits. This leaves open the existence of a PRG with a linear (let alone superlinear) stretch in NC0. In this work we study this question and obtain the following main results: 1. We show that the existence of a linear-stretch PRG in NC 0 implies non-trivial hardness of approximation results without relying on PCP machinery. In particular, it implies that Max3SAT is hard to approximate to within some multiplicative constant. 2. We construct a linear-stretch PRG in NC0 under a specific intractability assumption related to the hardness of decoding "sparsely generated" linear codes. Such an assumption was previously conjectured by Alekhnovich (FOCS 2003).

KW - Constant depth circuits

KW - Cryptography

KW - Pseudorandom generators

KW - nc0

UR - http://www.scopus.com/inward/record.url?scp=45049086177&partnerID=8YFLogxK

U2 - 10.1007/s00037-007-0237-6

DO - 10.1007/s00037-007-0237-6

M3 - ???researchoutput.researchoutputtypes.contributiontojournal.article???

AN - SCOPUS:45049086177

SN - 1016-3328

VL - 17

SP - 38

EP - 69

JO - Computational Complexity

JF - Computational Complexity

IS - 1

ER -