On Pseudorandom Generators with Linear Stretch in NC0
We consider the question of constructing cryptographic pseudorandom generators (PRGs) in NC0, namely ones in which each bit of the output depends on just a constant number of input bits. Previous constructions of such PRGs were limited to stretching a seed of n bits to n + o(n) bits. This leaves open the existence of a PRG with a linear (let alone superlinear) stretch in NC0. In this work we study this question and obtain the following main results:
1. We show that the existence of a linear-stretch PRG in NC0 implies non-trivial hardness of approximation results without relying on PCP machinery. In particular, it implies that Max 3SAT is hard to approximate to within some constant.
2. We construct a linear-stretch PRG in NC0 under a specific intractability assumption related to the hardness of decoding “sparsely generated” linear codes. Such an assumption was previously conjectured by Alekhnovich.
We note that Alekhnovich directly obtains hardness of approximation results from the latter assumption. Thus, we do not prove hardness of approximation under new concrete assumptions. However, our first result is motivated by the hope to prove hardness of approximation under more general or standard cryptographic assumptions, and the second result is independently motivated by cryptographic applications.
Keywords: Linear Code, Pseudorandom Generator, Expansion Property, Expander Graph, Inapproximability Result
- 1. Alekhnovich, M.: More on average case vs approximation complexity. In: Proc. 44th FOCS, pp. 298–307 (2003)
- 3. Applebaum, B., Ishai, Y., Kushilevitz, E.: Cryptography in NC0. SIAM J. Comput. (to appear); Preliminary version in FOCS 2004
- 6. Ben-Sasson, E., Sudan, M., Vadhan, S., Wigderson, A.: Randomness-efficient low-degree tests and short PCPs via epsilon-biased sets. In: Proc. 35th STOC, pp. 612–621 (2003)
- 7. Blum, A., Furst, M., Kearns, M., Lipton, R.J.: Cryptographic primitives based on hard learning problems. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 278–291. Springer, Heidelberg (1994)
- 9. Capalbo, M., Reingold, O., Vadhan, S., Wigderson, A.: Randomness conductors and constant-degree lossless expanders. In: Proc. 34th STOC, pp. 659–668 (2002)
- 11. Dodis, Y., Smith, A.: Correcting errors without leaking partial information. In: Proc. 37th STOC, pp. 654–663 (2005)
- 12. Feige, U.: Relations between average case complexity and approximation complexity. In: Proc. of 34th STOC, pp. 534–543 (2002)
- 13. Goldreich, O.: Candidate one-way functions based on expander graphs. ECCC 7(090) (2000)
- 17. Mossel, E., Shpilka, A., Trevisan, L.: On ε-biased generators in NC0. In: Proc. 44th FOCS, pp. 136–145 (2003)
- 22. Vazirani, U.: Randomness, Adversaries and Computation. Ph.D. thesis, UC Berkeley (1986)
- 23. Viola, E.: On constructing parallel pseudorandom generators from one-way functions. In: Proc. 20th CCC, pp. 183–197 (2005)
- 24. Yao, A.C.: Theory and application of trapdoor functions. In: Proc. 23rd FOCS, pp. 80–91 (1982)