## Cryptology ePrint Archive: Report 2014/392

The Randomized Iterate Revisited - Almost Linear Seed Length PRGs from A Broader Class of One-way Functions

Yu Yu and Dawu Gu and Xiangxue Li

Abstract: We revisit the randomized iterate'' technique that was originally used by Goldreich, Krawczyk, and Luby (SICOMP 1993) and refined by Haitner, Harnik and Reingold (CRYPTO 2006) in constructing pseudorandom generators (PRGs) from regular one-way functions (OWFs). We abstract out a technical lemma (which is folklore in leakage resilient cryptography), and use it to provide a simpler and more modular proof for the Haitner-Harnik-Reingold PRGs from regular OWFs.

We introduce a more general class of OWFs called weakly-regular one-way functions'', and construct a PRG with seed length $O(n*\log{n})$. More specifically, consider an arbitrary one-way function $f$ with range divided into sets $\Y_1$, $\Y_2$, $\ldots$, $\Y_n$ where each $\Y_i=\{y:2^{i-1}\le|f^{-1}(y)|<2^{i}\}$. We say that $f$ is weakly-regular if there is a cutoff point $max$ such that $\Y_{max}$ has some noticeable portion (say $n^{-c}$ for constant $c$), and $\Y_{max+1}$, $\ldots$, $\Y_n$ only sum to a negligible fraction $\epsilon$. We construct a PRG by making $O(n^{2c+1})$ calls to $f$ and achieve seed length $O(n*\log{n})$ using bounded space generators, where the only parameter required to know is $c$ (which is constant for a specific $f$ but may vary for different OWFs) and no knowledge is required for $max$ and $\epsilon$. This generalizes the approach of Haitner et al., where arbitrary regular OWFs fall into a special case for $c=0$. We use a proof technique that is similar to and extended from the method by Haitner, Harnik and Reingold for hardness amplification of regular weakly-one-way functions.

Our work further explores the feasibility and limits of the randomized iterate'' type of black-box constructions. In particular, the underlying $f$ can have an arbitrary structure as long as the set of images with maximal preimage size has a noticeable fraction. In addition, our construction is much more seed-length efficient and security-preserving (but less general) than the HILL-style generators where the best known construction by Vadhan and Zheng (STOC 2012) requires seed length $\tilde{O}(n^3)$.

Category / Keywords: foundations / Foundations, Pseudorandom Generators, One-way Functions, the Randomized Iterate.

Date: received 29 May 2014, last revised 2 Oct 2014

Contact author: yuyuathk at gmail com

Available format(s): PDF | BibTeX Citation

[ Cryptology ePrint archive ]