Paper 2011/512
A Dichotomy for Local Small-Bias Generators
Benny Applebaum, Andrej Bogdanov, and Alon Rosen
Abstract
We consider pseudorandom generators in which each output bit depends on a constant number of input bits. Such generators have appealingly simple structure: they can be described by a sparse input-output dependency graph and a small predicate that is applied at each output. Following the works of Cryan and Miltersen (MFCS'01) and by Mossel et al (STOC'03), we focus on the study of ``small-bias" generators (that fool linear distinguishers). We prove that for most graphs, all but a handful of ``degenerate'' predicates yield small-bias generators, $f\colon \bit^n \rightarrow \bit^m$, with output length $m = n^{1 + \eps}$ for some constant $\eps > 0$. Conversely, we show that for most graphs, ``degenerate'' predicates are not secure against linear distinguishers. Taken together, these results expose a dichotomy: every predicate is either very hard or very easy, in the sense that it either yields a small-bias generator for almost all graphs or fails to do so for almost all graphs. As a secondary contribution, we attempt to support the view that small-bias is a good measure of pseudorandomness for local functions with large stretch. We do so by demonstrating that resilience to linear distinguishers implies resilience to a larger class of attacks.
Metadata
- Available format(s)
-
PDF
- Category
- Foundations
- Publication info
- Published elsewhere. Unknown where it was published
- Keywords
- small-bias generatordichotomylocal functionsNC0pseudo-randomness
- Contact author(s)
- benny applebaum @ gmail com
- History
- 2011-09-18: received
- Short URL
- https://ia.cr/2011/512
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2011/512,
author = {Benny Applebaum and Andrej Bogdanov and Alon Rosen},
title = {A Dichotomy for Local Small-Bias Generators},
howpublished = {Cryptology {ePrint} Archive, Paper 2011/512},
year = {2011},
url = {https://eprint.iacr.org/2011/512}
}
