# Deterministic Extractors for Bit-Fixing Sources by Obtaining an Independent Seed

## Summary

An \((n,k)\)-bit-fixing source is a distribution *X* over \({\{0,1\}}^n\) such that there is a subset of *k* variables in \(X_1,\ldots,X_n\) which are uniformly distributed and independent of each other, and the remaining \(n-k\) variables are fixed. A deterministic bit-fixing source extractor is a function \(E:{\{0,1\}}^n {\rightarrow} {\{0,1\}}^m\) which on an arbitrary \((n,k)\)-bit-fixing source outputs *m* bits that are statistically-close to uniform. Prior to our work, Kamp and Zuckerman [44th FOCS, 2003] gave a construction of a deterministic bit-fixing source extractor that extracts \(\Omega(k^2/n)\) bits and requires \(k>\sqrt{n}\).

In this chapter we give constructions of deterministic bit-fixing source extractors that extract \((1-o(1))k\) bits whenever \(k>(\log n)^c\) for some universal constant \(c>0\). Thus, our constructions extract almost all the randomness from bit-fixing sources and work even when *k* is small. For \(k \gg \sqrt{n}\) the extracted bits have statistical distance \(2^{-n^{\Omega(1)}}\) from uniform, and for \(k \le \sqrt{n}\) the extracted bits have statistical distance \(k^{-\Omega(1)}\) from uniform.

Our technique gives a general method to transform deterministic bit-fixing source extractors that extract few bits into extractors which extract almost all the bits. This work is the first to use the ‘recycling paradigm’ as described in the introduction. The description of it here is different and perhaps more cumbersome, as the one given in the introduction was only realized in hindsight.

This chapter is based on [26].

## Keywords

Average Sampler Small Error Convex Combination Final Extractor Seed Length## Bibliography

- 2.N. Alon, O. Goldreich, J. Håstad, and R. Peralta. Simple constructions of almost
*k*-wise independent random variables. In*Proceedings of the 31st Annual IEEE Symposium on Foundations of Computer Science*, volume II, pages 544–553, 1990.Google Scholar - 4.B. Barak, G. Kindler, R. Shaltiel, B. Sudakov, and A. Wigderson. Simulating independence: New constructions of condensers, Ramsay graphs, dispersers, and extractors. In
*Proceedings of the 37th Annual ACM Symposium on Theory of Computing*, pages 1–10, 2005.Google Scholar - 6.M. Bellare and J. Rompel. Randomness-efficient oblivious sampling. FOCS 1994.Google Scholar
- 7.M. Ben-Or and N. Linial. Collective coin flipping.
*ADVCR: Advances in Computing Research*, 5:91–115, 1989.Google Scholar - 11.V. Boyko. On the security properties of OAEP as an all-or-nothing transform. In
*Proc. 19th International Advances in Cryptology Conference – CRYPTO ’99*, pages 503–518, 1999.Google Scholar - 12.R. Canetti, Y. Dodis, S. Halevi, E. Kushilevitz, and A. Sahai. Exposure-resilient functions and all-or-nothing transforms.
*Lecture Notes in Computer Science*, 1807, 2000.Google Scholar - 15.B. Chor, O. Goldreich, J. Hastad, J. Friedman, S. Rudich, and R. Smolensky. The bit extraction problem or
*t*-resilient functions. In*Proceedings of the 26th Annual IEEE Symposium on Foundations of Computer Science*, pages 396–407, 1985.Google Scholar - 18.Y. Dodis.
*Exposure-Resilient Cryptography*. PhD thesis, Department of Electrical Engineering and Computer Science, MIT, August 2000.Google Scholar - 20.Y. Dodis, A. Sahai, and A. Smith. On perfect and adaptive security in exposure-resilient cryptography.
*Lecture Notes in Computer Science*, 2045, 2001.Google Scholar - 23.S. Even, O. Goldreich, M. Luby, N. Nisan, and B. Velickovic. Efficient approximation of product distributions.
*RSA: Random Structures & Algorithms*, 13, 1998.Google Scholar - 26.A.Gabizon, R. Raz, and R. Shaltiel. Deterministic extractors for bit-fixing sources by obtaining an independent seed.
*SICOMP: SIAM Journal on Computing*, 36(4):1072–1094, 2006.MathSciNetzbMATHCrossRefGoogle Scholar - 30.O. Goldreich. A sample of samplers – A computational perspective on sampling (survey). In
*ECCCTR: Electronic Colloquium on Computational Complexity, technical reports*, 1997a.Google Scholar - 37.J. Kamp and D. Zuckerman. Deterministic extractors for bit-fixing sources and exposure-resilient cryptography.
*SIAM J. Comput*, 36(5):1231–1247, 2007.MathSciNetCrossRefGoogle Scholar - 40.R. Lipton and N. Vishnoi. Manuscript. 2004.Google Scholar
- 41.L. Lovasz.
*Combinatorial Problems and Exercises*. North-Holland, Amsterdam, 1979.Google Scholar - 44.J. Naor and M. Naor. Small-bias probability spaces: Efficient constructions and applications. In
*Proceedings of the 22nd Annual ACM Symposium on Theory of Computing*, pages 213–223, 1990.Google Scholar - 48.N. Nisan and D. Zuckerman. Randomness is linear in space.
*Journal of Computer and System Sciences*, 52(1):43–52, 1996.MathSciNetzbMATHCrossRefGoogle Scholar - 49.J. Radhakrishnan and A. Ta-Shma. Bounds for dispersers, extractors, and depth-two superconcentrators.
*SIAM Journal on Discrete Mathematics*, 13(1):2–24, 2000.MathSciNetzbMATHCrossRefGoogle Scholar - 55.R. Raz, O. Reingold, and S. Vadhan. Extracting all the randomness and reducing the error in Trevisan’s extractors. In
*Proceedings of the 31st Annual ACM Symposium on Theory of Computing*, pages 149–158, 1999.Google Scholar - 56.O. Reingold, R. Shaltiel, and A. Wigderson. Extracting randomness via repeated condensing. In
*Proceedings of the 41st Annual IEEE Symposium on Foundations of Computer Science*, 2000.Google Scholar - 57.R. Rivest. All-or-nothing encryption and the package transform. In
*Fast Software Encryption: 4th International Workshop, FSE*, volume 1267 of*Lecture Notes in Computer Science*, 1997.Google Scholar - 62.R. Shaltiel. Recent developments in explicit constructions of extractors.
*Bulletin of the EATCS*, 77:67–95, 2002.MathSciNetzbMATHGoogle Scholar - 69.S. Vadhan. On constructing locally computable extractors and cryptosystems in the bounded storage model, November 01 2002.Google Scholar