Derandomization in Cryptography

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2729)


We give two applications of Nisan–Wigderson-type (“non-cryptographic”) pseudorandom generators in cryptography. Specifically, assuming the existence of an appropriate NW-type generator, we construct:

1) A one-message witness-indistinguishable proof system for every language in NP, based on any trapdoor permutation. This proof system does not assume a shared random string or any setup assumption, so it is actually an “NP proof system.”

2) A noninteractive bit commitment scheme based on any one-way function.

The specific NW-type generator we need is a hitting set generator fooling nondeterministic circuits. It is known how to construct such a generator if E = TIME(2^{O(n)}) has a function of nondeterministic circuit complexity 2^{Ω(n)} (Miltersen and Vinodchandran, FOCS ‘99). Our witness-indistinguishable proofs are obtained by using the NW-type generator to derandomize the ZAPs of Dwork and Naor (FOCS ‘00). To our knowledge, this is the first construction of an NP proof system achieving a secrecy property.

Our commitment scheme is obtained by derandomizing the interactive commitment scheme of Naor (J. Cryptology, 1991). Previous constructions of noninteractive commitment schemes were only known under incomparable assumptions.
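As an added illustration (not code from the paper, which gives no implementation), the following Python sketch of Naor's interactive bit commitment makes concrete the property that the derandomization above relies on: the receiver's random string r only has to avoid a small "bad" set, and membership in that set is an existential question about r (does some pair of seeds XOR to it?), which is exactly the kind of predicate a hitting set generator for nondeterministic circuits is built to handle. The parameters are toy-sized (8-bit seeds, 24-bit generator output) so the binding argument can be checked by brute force, and SHAKE128 stands in for a length-tripling pseudorandom generator; both choices are assumptions of this example and are not taken from the paper.

```python
import hashlib
from itertools import combinations_with_replacement
from typing import Optional, Set, Tuple

# Toy parameters (constructed for this illustration): seeds are n = 8 bits,
# the generator stretches them to 3n = 24 bits, as in Naor's scheme.
# These sizes are far too small for security; they are chosen so that the
# binding argument can be checked by exhaustive enumeration.
SEED_BITS = 8
OUT_BITS = 3 * SEED_BITS
NUM_SEEDS = 1 << SEED_BITS


def G(seed: int) -> int:
    """Stand-in for a length-tripling pseudorandom generator.

    SHAKE128 is used only as a convenient expanding function here; Naor's
    scheme needs a PRG built from a one-way function, which this is not
    claimed to be.
    """
    seed_bytes = seed.to_bytes(SEED_BITS // 8, "big")
    return int.from_bytes(hashlib.shake_128(seed_bytes).digest(OUT_BITS // 8), "big")


def commit(bit: int, r: int, seed: int) -> int:
    """Sender's message: G(s) to commit to 0, G(s) XOR r to commit to 1.

    r is the string the receiver sent in the first round of Naor's protocol.
    """
    return G(seed) ^ (r if bit else 0)


def open_commitment(c: int, bit: int, r: int, seed: int) -> bool:
    """Receiver recomputes the commitment from the revealed (bit, seed)."""
    return c == commit(bit, r, seed)


def bad_strings() -> Set[int]:
    """The set of r that let the sender equivocate: r = G(s0) XOR G(s1) for some seeds.

    Deciding whether r is bad is an existential (NP-type) statement about r:
    guess (s0, s1) and verify one XOR. That is why replacing the receiver's
    random r calls for a hitting set generator fooling nondeterministic circuits.
    Pairs with s0 == s1 are included, so r = 0 is always bad.
    """
    outs = [G(s) for s in range(NUM_SEEDS)]
    return {a ^ b for a, b in combinations_with_replacement(outs, 2)}


def bad_fraction() -> float:
    """At most 2^(2n) seed pairs, so at most 2^(2n) / 2^(3n) = 2^-n of all r are bad."""
    return len(bad_strings()) / (1 << OUT_BITS)


def equivocation_pair(r: int) -> Optional[Tuple[int, int]]:
    """Search for seeds (s0, s1) that open the same commitment as both 0 and 1.

    Returns (s0, s1) if r is bad, None if no such pair exists.
    """
    by_value = {commit(0, r, s0): s0 for s0 in range(NUM_SEEDS)}
    for s1 in range(NUM_SEEDS):
        c = commit(1, r, s1)
        if c in by_value:
            return by_value[c], s1
    return None


def first_good_r() -> int:
    """Smallest r outside the bad set; one exists because the bad fraction is <= 2^-n."""
    bad = bad_strings()
    r = 0
    while r in bad:
        r += 1
    return r


if __name__ == "__main__":
    print("fraction of bad r:", bad_fraction())
    print("r = 0 equivocation:", equivocation_pair(0))
    r = first_good_r()
    print("first good r:", hex(r), "equivocation:", equivocation_pair(r))
```

Hiding is not checked here; it rests on the pseudorandomness of G, which this toy stand-in does not establish. What the sketch does show is the shape of the binding condition: a uniformly random r is good with probability at least 1 - 2^-n, and the receiver's only job in Naor's protocol is to supply such an r. Removing that random choice, which the paper does with a hitting set generator against the "r is bad" predicate, is what makes the scheme noninteractive; the paper's exact construction is not reproduced in this example.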


Keywords: Proof System, Commitment Scheme, Pseudorandom Generator, Interactive Proof, Auxiliary Input


References

1. Blum, M., Micali, S.: How to generate cryptographically strong sequences of pseudo-random bits. SIAM J. Comput. 13, 850–864 (1984)
2. Yao, A.C.: Theory and applications of trapdoor functions. In: Proc. 23rd FOCS, pp. 80–91. IEEE, Los Alamitos (1982)
3. Goldreich, O., Goldwasser, S., Micali, S.: How to construct random functions. JACM 33, 792–807 (1986)
4. Razborov, A.A., Rudich, S.: Natural proofs. JCSS 55, 24–35 (1997)
5. Valiant, L.G.: A theory of the learnable. Commun. ACM 27, 1134–1142 (1984)
6. Nisan, N., Wigderson, A.: Hardness vs. randomness. JCSS 49, 149–167 (1994)
7. Impagliazzo, R., Wigderson, A.: P = BPP if E requires exponential circuits: Derandomizing the XOR lemma. In: Proc. 29th STOC, pp. 220–229. ACM, New York (1997)
8. Trevisan, L.: Extractors and pseudorandom generators. JACM 48, 860–879 (2001)
9. Impagliazzo, R., Kabanets, V., Wigderson, A.: In search of an easy witness: Exponential time vs. probabilistic polynomial time. In: Proc. 16th Conf. on Comp. Complexity, pp. 2–12. IEEE, Los Alamitos (2001)
10. Arvind, V., Köbler, J.: On pseudorandomness and resource-bounded measure. Theoret. Comput. Sci. 255, 205–221 (2001)
11. Klivans, A.R., van Melkebeek, D.: Graph nonisomorphism has subexponential size proofs unless the polynomial-time hierarchy collapses. SIAM J. Comput. 31, 1501–1526 (2002)
12. Miltersen, P.B., Vinodchandran, N.V.: Derandomizing Arthur-Merlin games using hitting sets. In: Proc. 40th FOCS, pp. 71–80. IEEE, Los Alamitos (1999)
13. Shaltiel, R., Umans, C.: Simple extractors for all min-entropies and a new pseudorandom generator. In: Proc. 42nd FOCS, pp. 648–657. IEEE, Los Alamitos (2001)
14. Dwork, C., Naor, M.: Zaps and their applications. In: Proc. 41st FOCS, pp. 283–293 (2000)
15. Naor, M.: Bit commitment using pseudorandomness. J. Cryptology 4, 151–158 (1991)
16. Rudich, S.: Super-bits, demi-bits, and NP̃/qpoly-natural proofs. In: Proc. 1st RANDOM, pp. 85–93. Springer, Heidelberg (1997)
17. Goldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof systems. SIAM J. Comput. 18, 186–208 (1989)
18. Goldreich, O., Oren, Y.: Definitions and properties of zero-knowledge proof systems. J. Cryptology 7, 1–32 (1994)
19. Blum, M., Feldman, P., Micali, S.: Non-interactive zero-knowledge and its applications (extended abstract). In: Proc. 20th STOC, pp. 103–112. ACM, New York (1988)
20. Blum, M., De Santis, A., Micali, S., Persiano, G.: Noninteractive zero-knowledge. SIAM J. Comput. 20, 1084–1118 (1991)
21. Feige, U., Shamir, A.: Zero knowledge proofs of knowledge in two rounds. In: Proc. 9th CRYPTO, pp. 526–545. Springer, Heidelberg (1989)
22. Feige, U., Lapidot, D., Shamir, A.: Multiple non-interactive zero knowledge proofs under general assumptions. SIAM J. Comput. 29, 1–28 (1999)
23. De Santis, A., Di Crescenzo, G., Persiano, G.: Randomness-efficient non-interactive zero-knowledge (extended abstract). In: Proc. 24th ICALP, pp. 716–726. Springer, Heidelberg (1997)
24. De Santis, A., Di Crescenzo, G., Persiano, G.: Non-interactive zero-knowledge: A low-randomness characterization of NP. In: Proc. 26th ICALP, pp. 271–280. Springer, Heidelberg (1999)
25. De Santis, A., Di Crescenzo, G., Persiano, G.: Randomness-optimal characterization of two NP proof systems. In: Proc. 6th RANDOM, pp. 179–193. Springer, Heidelberg (2002)
26. Goldreich, O., Micali, S., Wigderson, A.: Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems. JACM 38, 691–729 (1991)
27. Blum, M.: Coin flipping by phone. In: 24th IEEE Computer Conference (CompCon), pp. 133–137 (1982)
28. Goldreich, O., Levin, L.A.: A hard-core predicate for all one-way functions. In: Proc. 21st STOC, pp. 25–32. ACM, New York (1989)
29. Håstad, J., Impagliazzo, R., Levin, L.A., Luby, M.: A pseudorandom generator from any one-way function. SIAM J. Comput. 28, 1364–1396 (1999)
30. Babai, L., Moran, S.: Arthur-Merlin games: A randomized proof system and a hierarchy of complexity classes. JCSS 36, 254–276 (1988)
31. Goldreich, O.: Foundations of cryptography. Cambridge University Press, Cambridge (2001)
32. Goldwasser, S., Sipser, M.: Private coins versus public coins in interactive proof systems. Advances in Computing Research 5, 73–90 (1989)
33. Fürer, M., Goldreich, O., Mansour, Y., Sipser, M., Zachos, S.: On completeness and soundness in interactive proof systems. Advances in Computing Research 5, 429–442 (1989)
34. Gutfreund, D., Shaltiel, R., Ta-Shma, A.: Uniform hardness vs. randomness tradeoffs for Arthur-Merlin games. In: Proc. 18th Conf. on Comp. Complexity. IEEE, Los Alamitos (2003)
35. Goldreich, O.: Foundations of cryptography: Corrections and additions for volume 1 (2001), Available from
36. Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public key cryptosystems. Commun. ACM 21, 120–126 (1978)
37. Rabin, M.: Digitalized signatures and public-key functions as intractable as factorization. Technical Report MIT/LCS/TR-212, Laboratory for Computer Science, Massachusetts Institute of Technology (1979)
38. Levin, L.: One-way functions and pseudorandom generators. Combinatorica 7, 357–363 (1987)

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

1. Weizmann Institute of Science, Rehovot, Israel
2. Massachusetts Institute of Technology, Cambridge
3. Harvard University, Cambridge
