One way functions and pseudorandom generators
Pseudorandom generators transform in polynomial time a short random “seed” into a long “pseudorandom” string. This string cannot be random in the classical sense of , but testing that requires an unrealistic amount of time (say, exhaustive search for the seed). Such pseudorandom generators were first discovered in  assuming that the function (a^x mod b) is one-way, i.e., easy to compute, but hard to invert on a noticeable fraction of instances. In  this assumption was generalized to the existence of any one-way permutation. The permutation requirement is sufficient but still very strong. It is unlikely to be proven necessary, unless something crucial, like P=NP, is discovered. Below, among other observations, a weaker assumption about one-way functions is proposed, which is not only sufficient, but also necessary for the existence of pseudorandom generators.
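The following Python sketch is an added illustration, not code from the paper: it stretches a 16-bit seed by iterating x -> a^x mod b and emitting one bit per step (the style of construction known in the literature as Blum-Micali), then runs the exhaustive seed search the abstract mentions as a test. The parameters `P`, `G`, the lower-half bit rule and all function names are assumptions chosen for this example; at this toy size the search is cheap, and its cost doubles with every added seed bit.

```python
import hashlib

# Toy parameters, constructed for this example; far too small for real use.
P = 65537            # prime modulus (the "b" in a^x mod b)
G = 3                # base (the "a"); 3 is a primitive root mod 65537
HALF = (P - 1) // 2

def next_state(x):
    """One step of the candidate one-way map x -> G^x mod P."""
    return pow(G, x, P)

def stretch(seed, nbits):
    """Expand a seed in [1, P-1] (16 bits) into nbits output bits."""
    if not 1 <= seed < P:
        raise ValueError("seed out of range")
    x, out = seed, []
    for _ in range(nbits):
        x = next_state(x)
        out.append(1 if x <= HALF else 0)   # one bit per iteration
    return out

def reproduces(seed, bits):
    """True if this seed yields exactly these bits (stops at first mismatch)."""
    x = seed
    for b in bits:
        x = next_state(x)
        if (1 if x <= HALF else 0) != b:
            return False
    return True

def seed_search(bits):
    """Exhaustive-search test: return a seed that explains bits, or None."""
    for seed in range(1, P):
        if reproduces(seed, bits):
            return seed
    return None

def sample_bits(label, nbits):
    """Deterministic stand-in for an independently chosen string (constructed)."""
    digest = hashlib.sha256(label).digest()
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(nbits)]

if __name__ == "__main__":
    generated = stretch(12345, 64)
    other = sample_bits(b"constructed sample", 64)
    print("generated string explained by seed:", seed_search(generated))
    print("independent string explained by seed:", seed_search(other))
```

At most 65536 of the 2^64 possible 64-bit strings can be generator outputs, which is why the search separates the two inputs; the generator's security rests entirely on that search being infeasible at realistic seed lengths.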
- L. Blum, M. Blum and M. Shub, A Simple Secure Pseudo-Random Number Generator, Advances in Cryptology (ed. D. Chaum, R. L. Rivest and A. T. Sherman), Plenum Press, 1983, 61–78.
- S. Goldwasser, Probabilistic Encryption: Theory and Applications, Ph. D. Dissert, University of California at Berkeley (1984), Section 4.2.3.
- A. N. Kolmogorov, Three Approaches to the Concept of the Amount of Information, Probl. Inf. Transm. (1965), 1/1.
- L. Levin, Average Case Complete Problems, SIAM J. Comput. (1986), 285–286.
- L. Levin, Randomness Conservation Inequalities, Information and Control 61 (1984), section 1.3; In less detail in Theorem 2 of Universal Sequential Search Problems, Probl. Inf. Transm. 9 (1973).
- C. Rackoff, Personal communication, (1985).
- A. C. Yao, Theory and Applications of Trapdoor Functions, Proc. 23rd IEEE Symp. on Foundations of Computer Science (1982), 80–91.