Extractors and pseudorandom generators

Published: 01 July 2001

Abstract

We introduce a new approach to constructing extractors. Extractors are algorithms that transform a “weakly random” distribution into an almost uniform distribution. Explicit constructions of extractors have a variety of important applications, and tend to be very difficult to obtain. We demonstrate an unsuspected connection between extractors and pseudorandom generators. In fact, we show that every pseudorandom generator of a certain kind is an extractor. A pseudorandom generator construction due to Impagliazzo and Wigderson, once reinterpreted via our connection, is already an extractor that beats most known constructions and solves an important open question. We also show that, using the simpler Nisan-Wigderson generator and standard error-correcting codes, one can build even better extractors with the additional advantage that both the construction and the analysis are simple and admit a short self-contained description.

        Reviews

        Sung-il Pae

        Extractors take a weakly random string as input and output, by using a small number of truly random bits, a string that is statistically close to a random string. Pseudorandom generators take a short random string as input, and output a long string that is computationally hard to distinguish from a truly random string. This paper shows that two known constructions of pseudorandom generators can be used to construct extractors. Most constructions of pseudorandom generators are based on the hypothesized existence of computationally hard problems. The author observes that the hard problem in these constructions can be seen as a parameter. If the parameter is taken from a weak random source, the resulting function can be seen as an extractor, although the performance may be poor in general. The author shows that the pseudorandom generator of Impagliazzo and Wigderson is actually a strong extractor from this viewpoint. Another pseudorandom generator, constructed by Nisan and Wigderson, does not result in an interesting extractor. But this pseudorandom generator can be modified, using error-correcting codes, to produce a strong extractor. Some known constructions of pseudorandom generators, for example those by Nisan and Zuckerman, use extractors. The result in this paper is interesting, in that it addresses the other direction. These relationships between extractors and pseudorandom generators are not trivial, because the randomness considered in extractors and pseudorandom generators is not the same (information-theoretic randomness versus computational randomness). It is also remarkable that the extractors that arise from the author’s construction have better performance than most of the known extractors. It is notable that the pseudorandom generators on which the constructions in this paper are based are among the strongest currently known in the realm of pseudorandom generation.

        This paper attempts to be self-contained as much as possible, and it seems that it is successful. It introduces basic definitions and concepts for extractors, pseudorandom generators, and error-correcting codes. It also provides a good survey of related work and discusses, in a detailed manner, the constructions of the pseudorandom generators considered.

        Online Computing Reviews Service
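
The construction sketched in the abstract and in the review above (the Nisan-Wigderson generator with the weak-source sample, stretched by an error-correcting code, playing the role of the hard function), wired up as an added example; it is not code from the paper. Assumed choices not stated on this page: the Hadamard code, a polynomial design over F_5, and toy sizes (5 source bits, 25 seed bits) that show the structure only and are far too small to extract real randomness.

```python
from itertools import combinations, product

Q = 5  # assumed toy prime: source is Q bits, seed is Q*Q bits

def design(q=Q, degree_bound=2):
    """Combinatorial design for the NW generator: one subset of seed
    positions per polynomial p over F_q with deg(p) < degree_bound.
    S_p = {a*q + p(a) : a in F_q} has q elements, and two distinct sets
    share at most degree_bound - 1 positions."""
    sets = []
    for coeffs in product(range(q), repeat=degree_bound):
        sets.append([a * q + sum(c * pow(a, i, q) for i, c in enumerate(coeffs)) % q
                     for a in range(q)])
    return sets

def max_overlap(sets):
    """Largest pairwise intersection; small overlap is what the NW analysis needs."""
    return max(len(set(s) & set(t)) for s, t in combinations(sets, 2))

def hadamard_bit(x_bits, a_bits):
    """Bit of the Hadamard codeword of x at position a: <x, a> mod 2.
    The codeword is the truth table that stands in for the hard function."""
    return sum(x & a for x, a in zip(x_bits, a_bits)) % 2

def extract(x_bits, seed_bits, m, q=Q):
    """Output bit i is the encoded source evaluated at the seed restricted to S_i."""
    if len(x_bits) != q or len(seed_bits) != q * q:
        raise ValueError("expected q source bits and q*q seed bits")
    sets = design(q)[:m]
    return [hadamard_bit(x_bits, [seed_bits[j] for j in s]) for s in sets]

if __name__ == "__main__":
    x = [1, 0, 1, 1, 0]                             # constructed weak-source sample
    seed = [(7 * i + 3) % 2 for i in range(Q * Q)]  # constructed seed, not random
    print(extract(x, seed, m=8))
```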
