On Constructing Locally Computable Extractors and Cryptosystems in the Bounded Storage Model

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2729)


We consider the problem of constructing randomness extractors that are locally computable; that is, read only a small number of bits from their input. As recently shown by Lu (CRYPTO ‘02), locally computable extractors directly yield secure private-key cryptosystems in Maurer’s bounded storage model (J. Cryptology, 1992).

We suggest a general “sample-then-extract” approach to constructing locally computable extractors. Plugging in known sampler and extractor constructions, we obtain locally computable extractors, and hence cryptosystems in the bounded storage model, whose parameters improve upon previous constructions and come quite close to the lower bounds.

The correctness of this approach follows from a fundamental lemma of Nisan and Zuckerman (J. Computer and System Sciences, 1996), which states that sampling bits from a weak random source roughly preserves the min-entropy rate. We also present a refinement of this lemma, showing that the min-entropy rate is preserved up to an arbitrarily small additive loss, whereas the original lemma loses a logarithmic factor.


Seed Length Pseudorandom Generator Entropy Rate Distinct Sample Random Source 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Vadhan, S.P.: On constructing locally computable extractors and cryptosystems in the bounded storage model. Cryptology ePrint Archive, 2002/162 (2002)Google Scholar
  2. 2.
    Maurer, U.: Conditionally-perfect secrecy and a provably-secure randomized cipher. J. Cryptology 5, 53–66 (1992)zbMATHMathSciNetGoogle Scholar
  3. 3.
    Cachin, C., Maurer, U.: Unconditional security against memory-bounded adversaries. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 292–306. Springer, Heidelberg (1997)Google Scholar
  4. 4.
    Aumann, Y., Rabin, M.O.: Information theoretically secure communication in the limited storage space model. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 65–79. Springer, Heidelberg (1999)Google Scholar
  5. 5.
    Aumann, Y., Ding, Y.Z., Rabin, M.O.: Everlasting security in the bounded storage model. IEEE Trans. Information Theory 48, 1668–1680 (2002)zbMATHCrossRefMathSciNetGoogle Scholar
  6. 6.
    Ding, Y.Z., Rabin, M.O.: Hyper-encryption and everlasting security (extended abstract). In: Alt, H., Ferreira, A. (eds.) STACS 2002. LNCS, vol. 2285, pp. 1–26. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  7. 7.
    Dziembowski, S., Maurer, U.: Tight security proofs for the bounded-storage model. In: 34th STOC, December 2000, pp. 341–350 (2002), See also preliminary journal version, entitled Optimal Randomizer Efficiency in the Bounded-Storage Model (2002)Google Scholar
  8. 8.
    Lu, C.J.: Hyper-encryption against space-bounded adversaries from on-line strong extractors. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 257–271. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  9. 9.
    Nisan, N., Zuckerman, D.: Randomness is linear in space. J. Computer & System Sci. 52, 43–52 (1996)zbMATHCrossRefMathSciNetGoogle Scholar
  10. 10.
    Nisan, N., Ta-Shma, A.: Extracting randomness: A survey and new constructions. J. Computer & System Sci. 58, 148–173 (1999)zbMATHCrossRefMathSciNetGoogle Scholar
  11. 11.
    Shaltiel, R.: Recent developments in explicit constructions of extractors. Bull. EATCS 77, 67–95 (2002)zbMATHMathSciNetGoogle Scholar
  12. 12.
    Bar-Yossef, Z., Reingold, O., Shaltiel, R., Trevisan, L.: Streaming computation of combinatorial objects. In: 17th CCC, pp. 165–174 (2002)Google Scholar
  13. 13.
    Trevisan, L.: Extractors and pseudorandom generators. JACM 48, 860–879 (2001)zbMATHCrossRefMathSciNetGoogle Scholar
  14. 14.
    Lu, C.J., Reingold, O., Vadhan, S., Wigderson, A.: Extractors: Optimal up to constant factors. In: 35th STOC (2003)Google Scholar
  15. 15.
    Chor, B., Goldreich, O.: Unbiased bits from sources of weak randomness and probabilistic communication complexity. SIAM. J. Computing 17, 230–261 (1988)zbMATHMathSciNetGoogle Scholar
  16. 16.
    Zuckerman, D.: Simulating BPP using a general weak random source. Algorithmica 16, 367–391 (1996)zbMATHMathSciNetGoogle Scholar
  17. 17.
    Shannon, C.E.: Communication theory of secrecy systems. Bell System Technical Journal 28, 656–715 (1949)zbMATHMathSciNetGoogle Scholar
  18. 18.
    Reingold, O., Shaltiel, R., Wigderson, A.: Extracting randomness via repeated condensing. In: 41st FOCS (2000)Google Scholar
  19. 19.
    Bellare, M., Rompel, J.: Randomness-efficient oblivious sampling. In: 35th FOCS, pp. 276–287 (1994)Google Scholar
  20. 20.
    Canetti, R., Even, G., Goldreich, O.: Lower bounds for sampling algorithms for estimating the average. Information Processing Letters 53, 17–25 (1995)zbMATHCrossRefMathSciNetGoogle Scholar
  21. 21.
    Zuckerman, D.: Randomness-optimal oblivious sampling. Random Struct. & Alg. 11, 345–367 (1997)zbMATHCrossRefMathSciNetGoogle Scholar
  22. 22.
    Goldreich, O.: A sample of samplers: A computational perspective on sampling. Technical Report TR97-020, ECCC (1997)Google Scholar
  23. 23.
    Ta-Shma, A.: Almost optimal dispersers. Combinatorica 22, 123–145 (2002)zbMATHCrossRefMathSciNetGoogle Scholar
  24. 24.
    Radhakrishnan, J., Ta-Shma, A.: Bounds for dispersers, extractors, and depth-two superconcentrators. SIAM. J. Discrete Math. 13, 2–24 (2000) (electronic)zbMATHCrossRefMathSciNetGoogle Scholar
  25. 25.
    Bellare, M., Goldreich, O., Goldwasser, S.: Randomness in interactive proofs. Computational Complexity 3, 319–354 (1993)zbMATHCrossRefMathSciNetGoogle Scholar
  26. 26.
    Goldreich, O., Wigderson, A.: Tiny families of functions with random properties: A quality-size trade-off for hashing. Random Struct. & Alg. 11, 315–343 (1997)zbMATHCrossRefMathSciNetGoogle Scholar
  27. 27.
    Chor, B., Goldreich, O.: On the power of two-point based sampling. J. Complexity 5, 96–106 (1989)zbMATHCrossRefMathSciNetGoogle Scholar
  28. 28.
    Håstad, J., Impagliazzo, R., Levin, L.A., Luby, M.: A pseudorandom generator from any one-way function. SIAM. J. Comput. 28, 1364–1396 (1999)zbMATHGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  1. 1.Harvard UniversityCambridge

Personalised recommendations