Our generator can be based on any group of prime order provided that an additional requirement is met (i.e., there exists an efficiently computable function that in some sense enumerates the elements of the group). Two specific instances are presented. The techniques used to design the instances, for example, the new probabilistic randomness extractor are of independent interest for other applications.
Category / Keywords: Pseudorandom generator, DDH problem, concrete security Date: received 25 Sep 2006, last revised 7 Nov 2006 Contact author: a sidorenko at tue nl Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation Version: 20061107:145524 (All versions of this report) Short URL: ia.cr/2006/321