Theory of Cryptography

Volume 7194 of the series Lecture Notes in Computer Science pp 369-382

Hardness Preserving Constructions of Pseudorandom Functions

  • Abhishek JainAffiliated withUCLA
  • , Krzysztof PietrzakAffiliated withIST
  • , Aris TentesAffiliated withNew York University


We show a hardness-preserving construction of a PRF from any length doubling PRG which improves upon known constructions whenever we can put a non-trivial upper bound q on the number of queries to the PRF. Our construction requires only O(logq) invocations to the underlying PRG with each query. In comparison, the number of invocations by the best previous hardness-preserving construction (GGM using Levin’s trick) is logarithmic in the hardness of the PRG.

For example, starting from an exponentially secure PRG {0,1} n ↦{0,1}2n , we get a PRF which is exponentially secure if queried at most \(q=\exp(\sqrt n)\) times and where each invocation of the PRF requires \(\Theta(\sqrt n)\) queries to the underlying PRG. This is much less than the Θ(n) required by known constructions.