TY - GEN
T1 - Pseudorandom generators with optimal seed length for non-boolean poly-size circuits
AU - Artemenko, Sergei
AU - Shaltiel, Ronen
PY - 2014
Y1 - 2014
N2 - A sampling procedure for a distribution P over {0,1}^ℓ is a function C : {0,1}^n → {0,1}^ℓ such that the distribution C(U_n) (obtained by applying C to the uniform distribution U_n) is the "desired distribution" P. Let n > r ≥ ℓ = n^Ω(1). An nb-PRG (defined by Dubrov and Ishai (STOC 2006)) is a function G : {0,1}^r → {0,1}^n such that for every C : {0,1}^n → {0,1}^ℓ in some class of "interesting sampling procedures", C′(U_r) = C(G(U_r)) is close to C(U_n) in statistical distance. We construct poly-time computable nb-PRGs with r = O(ℓ) (which is best possible) for poly-size circuits. Previous nb-PRGs of Dubrov and Ishai have r = Ω(ℓ^2). We rely on the assumption that there exist β > 0 and a problem L in E = DTIME(2^O(n)) such that for every large enough n, nondeterministic circuits of size 2^βn that have NP-gates cannot solve L on inputs of length n. This assumption is a scaled nonuniform analogue of the widely believed EXP ≠ Σ_2^P, and similar assumptions appear in various contexts in derandomization. The nb-PRGs of Dubrov and Ishai are based on very strong cryptographic assumptions, or alternatively on non-standard assumptions regarding the incompressibility of functions on random inputs. When restricting to poly-size circuits C : {0,1}^n → {0,1}^ℓ with Shannon entropy H(C(U_n)) ≤ κ, for ℓ > κ = n^Ω(1), our nb-PRGs have r = O(κ), which is best possible. The nb-PRGs of Dubrov and Ishai use seed length r = Ω(κ^2) and require that the probability distribution of C(U_n) is efficiently computable. Our nb-PRGs follow from a notion of "conditional PRGs" which may be of independent interest. These are PRGs where G(U_r) remains pseudorandom even when conditioned on a "large" event {A(G(U_r)) = 1}, for an arbitrary poly-size circuit A. A related notion was considered by Shaltiel and Umans (CCC 2005) in a different setup, and our proofs use ideas from that paper, as well as ideas of Dubrov and Ishai.
We also give an unconditional construction of poly-time computable nb-PRGs for poly(n)-size, depth-d circuits C : {0,1}^n → {0,1}^ℓ with r = O(ℓ · log^(d+O(1)) n). This improves upon the previous work of Dubrov and Ishai, which has r ≥ ℓ^2. Our nb-PRGs can be implemented by a uniform family of poly-size constant-depth circuits (with slightly larger, but still almost linear, seed length). The nb-PRG of Dubrov and Ishai computes large parities and cannot be computed in poly-size and constant depth. This result follows by adapting a recent PRG construction of Trevisan and Xue (CCC 2013) to the case of nb-PRGs, and implementing it by constant-depth circuits.
KW - ACM proceedings
KW - LATEX
KW - Text tagging
UR - http://www.scopus.com/inward/record.url?scp=84904286321&partnerID=8YFLogxK
U2 - 10.1145/2591796.2591846
DO - 10.1145/2591796.2591846
M3 - Conference contribution
SN - 9781450327107
T3 - Proceedings of the Annual ACM Symposium on Theory of Computing
SP - 99
EP - 108
BT - STOC 2014 - Proceedings of the 2014 ACM Symposium on Theory of Computing
PB - Association for Computing Machinery
T2 - 4th Annual ACM Symposium on Theory of Computing, STOC 2014
Y2 - 31 May 2014 through 3 June 2014
ER -