Expander-based cryptography meets natural proofs
We introduce new forms of attack on expander-based cryptography, and in particular on Goldreich's pseudorandom generator and one-way function. Our attacks exploit low circuit complexity of the underlying expander's neighbor function and/or of the local predicate. Our two key conceptual contributions are: 1) We put forward the possibility that the choice of expander matters in expander-based cryptography. In particular, using expanders whose neighbor function has low circuit complexity might compromise the security of Goldreich's PRG and OWF in certain settings. 2) We show that the security of Goldreich's PRG and OWF is closely related to two other long-standing problems: specifically, to the existence of unbalanced lossless expanders with low-complexity neighbor function, and to limitations on circuit lower bounds (i.e., natural proofs). In particular, our results further motivate the investigation of affine/local unbalanced lossless expanders and of average-case lower bounds against DNF-XOR circuits. We prove two types of technical results that support the above conceptual messages. First, we unconditionally break Goldreich's PRG when instantiated with a specific expander (whose existence we prove), for a class of predicates that match the parameters of the currently-best "hard" candidates, in the regime of quasi-polynomial stretch. Secondly, conditioned on the existence of expanders whose neighbor functions have extremely low circuit complexity, we present attacks on Goldreich's generator in the regime of polynomial stretch. As one corollary, conditioned on the existence of the foregoing expanders, we show that either the parameters of natural properties for several constant-depth circuit classes cannot be improved, even mildly; or Goldreich's generator is insecure in the regime of a large polynomial stretch, regardless of the predicate used.
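The object under attack above, Goldreich's local generator, as an added Python example (not code from the paper): the seed is an n-bit string, the "expander" enters only through a neighbor function Gamma that maps each of the m output indices to d seed positions, and output bit i is a fixed d-ary predicate P evaluated on those d seed bits. The random Gamma, the toy parameters (n = 64, m = 256, d = 5) and the structured affine Gamma are constructed here for illustration; the 5-ary predicate x1 + x2 + x3 + x4*x5 over GF(2) and the XOR-MAJ family are well-known predicate choices, not ones the abstract attributes to its results. Nothing here implements the paper's attacks; the point shown is how locality and the choice of neighbor function shape the generator.

```python
"""Goldreich's local PRG G: {0,1}^n -> {0,1}^m, G(x)_i = P(x_{Gamma(i)}).

Added example, not the paper's code. Gamma plays the role of the neighbor
function of a right-d-regular bipartite graph (an expander in the paper).
"""
import random
from typing import Callable, List, Sequence

Predicate = Callable[[Sequence[int]], int]
Neighbors = Callable[[int], Sequence[int]]


def predicate_p5(bits: Sequence[int]) -> int:
    """5-ary predicate x1 + x2 + x3 + x4*x5 over GF(2): linear in its first
    three inputs, so flipping any of them always flips the output."""
    x1, x2, x3, x4, x5 = bits
    return x1 ^ x2 ^ x3 ^ (x4 & x5)


def predicate_xor_maj(bits: Sequence[int]) -> int:
    """XOR of the first half of the inputs with MAJ of the second half.
    Ties (even second half) are resolved to 0."""
    k = len(bits) // 2
    xor_part = 0
    for b in bits[:k]:
        xor_part ^= b
    rest = bits[k:]
    maj = 1 if 2 * sum(rest) > len(rest) else 0
    return xor_part ^ maj


def random_neighbor_function(n: int, m: int, d: int, seed: int) -> Neighbors:
    """Gamma(i) = d distinct seed positions chosen at random: a random
    right-d-regular bipartite graph, the usual instantiation."""
    rng = random.Random(seed)
    table = [rng.sample(range(n), d) for _ in range(m)]
    return lambda i: table[i]


def affine_neighbor_function(n: int, d: int) -> Neighbors:
    """Hypothetical structured Gamma, used only to show the generator is
    agnostic to how Gamma is computed: Gamma(i)_j = i + j*(n // d) mod n.
    Requires d | n so the d positions are distinct. Computing it is a single
    addition mod n, i.e. a neighbor function of very low circuit complexity,
    which is the kind of property the abstract says can matter."""
    assert n % d == 0
    stride = n // d
    return lambda i: [(i + j * stride) % n for j in range(d)]


def goldreich_prg(seed_bits: Sequence[int], neighbors: Neighbors,
                  predicate: Predicate, m: int) -> List[int]:
    """Output bit i is the predicate applied to the seed bits Gamma(i) selects."""
    return [predicate([seed_bits[t] for t in neighbors(i)]) for i in range(m)]


def outputs_touching(neighbors: Neighbors, m: int, k: int) -> List[int]:
    """Output indices whose neighborhood contains seed position k."""
    return [i for i in range(m) if k in neighbors(i)]


def affected_outputs(seed_bits: Sequence[int], neighbors: Neighbors,
                     predicate: Predicate, m: int, k: int) -> List[int]:
    """Output indices whose value changes when seed bit k is flipped.
    By locality this is always a subset of outputs_touching(...)."""
    flipped = list(seed_bits)
    flipped[k] ^= 1
    before = goldreich_prg(seed_bits, neighbors, predicate, m)
    after = goldreich_prg(flipped, neighbors, predicate, m)
    return [i for i in range(m) if before[i] != after[i]]


if __name__ == "__main__":
    n, m, d = 64, 256, 5  # constructed toy parameters: stretch m/n = 4
    x = [(i * 37 % 11) & 1 for i in range(n)]  # constructed seed
    gamma = random_neighbor_function(n, m, d, seed=7)
    y = goldreich_prg(x, gamma, predicate_p5, m)
    print("".join(map(str, y[:64])))
    print("seed bit 3 feeds", len(outputs_touching(gamma, m, 3)), "outputs;",
          "flipping it changes", len(affected_outputs(x, gamma, predicate_p5, m, 3)))
```

The two neighbor functions produce generators of identical shape; the abstract's thesis is precisely that the security of the result may nevertheless differ with the circuit complexity of Gamma, which no black-box test of the output bits will reveal.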
Complexity Theory
Computational Complexity Theory is the mathematical study of the intrinsic power and limitations of computational resources like time, space, or randomness. The current workshop focused on recent developments in various sub-areas including arithmetic complexity, Boolean complexity, communication complexity, cryptography, probabilistic proof systems, pseudorandomness, and quantum computation. Many of the developments are related to diverse mathematical fields such as algebraic geometry, combinatorial number theory, probability theory, representation theory, and the theory of error-correcting codes.
Strong blocking sets and minimal codes from expander graphs
A strong blocking set in a finite projective space is a set of points that
intersects each hyperplane in a spanning set. We provide a new graph theoretic
construction of such sets: combining constant-degree expanders with
asymptotically good codes, we explicitly construct strong blocking sets in the
-dimensional projective space over that have size . Since strong blocking sets have recently been shown to be equivalent to
minimal linear codes, our construction gives the first explicit construction of
-linear minimal codes of length and dimension , for every
prime power , for which . This solves one of the main open
problems on minimal codes.
Comment: 20 pages
Quiet Planting in the Locked Constraint Satisfaction Problems
We study the planted ensemble of locked constraint satisfaction problems. We
describe the connection between the random and planted ensembles. The use of
the cavity method is combined with arguments from reconstruction on trees and
first and second moment considerations; in particular the connection with the
reconstruction on trees appears to be crucial. Our main result is the location
of the hard region in the planted ensemble. In a part of that hard region
instances have with high probability a single satisfying assignment.
Comment: 21 pages, revised version
Randomness Extraction in AC0 and with Small Locality
Randomness extractors, which extract high quality (almost-uniform) random
bits from biased random sources, are important objects both in theory and in
practice. While there has been significant progress in obtaining near-optimal
constructions of randomness extractors in various settings, the computational
complexity of randomness extractors is still much less studied. In particular,
it is not clear whether randomness extractors with good parameters can be
computed in several interesting complexity classes that are much weaker than P.
In this paper we study randomness extractors in the following two models of
computation: (1) constant-depth circuits (AC0), and (2) the local computation
model. Previous work in these models, such as [Vio05a], [GVW15] and [BG13],
only achieves constructions with weak parameters. In this work we give explicit
constructions of randomness extractors with much better parameters. As an
application, we use our AC0 extractors to study pseudorandom generators in AC0,
and show that we can construct both cryptographic pseudorandom generators
(under reasonable computational assumptions) and unconditional pseudorandom
generators for space bounded computation with very good parameters.
Our constructions combine several previous techniques in randomness
extractors, as well as introduce new techniques to reduce or preserve the
complexity of extractors, which may be of independent interest. These include
(1) a general way to reduce the error of strong seeded extractors while
preserving the AC0 property and small locality, and (2) a seeded randomness
condenser with small locality.
Comment: 62 pages
Cryptography based on the Hardness of Decoding
This thesis provides progress in the fields of lattice- and coding-based cryptography. The first contribution consists of constructions of IND-CCA2 secure public key cryptosystems from both the McEliece and the low-noise learning parity with noise (LPN) assumptions. The second contribution is a novel instantiation of the lattice-based learning with errors problem which uses uniform errors.
LIPIcs, Volume 251, ITCS 2023, Complete Volume
Subquadratic time encodable codes beating the Gilbert-Varshamov bound
We construct explicit algebraic geometry codes built from the
Garcia-Stichtenoth function field tower beating the Gilbert-Varshamov bound for
alphabet sizes at least 192. Messages are identified with functions in certain
Riemann-Roch spaces associated with divisors supported on multiple places.
Encoding amounts to evaluating these functions at degree one places. By
exploiting algebraic structures particular to the Garcia-Stichtenoth tower, we
devise an intricate deterministic \omega/2 < 1.19 runtime exponent encoding and
1+\omega/2 < 2.19 expected runtime exponent randomized (unique and list)
decoding algorithms. Here \omega < 2.373 is the matrix multiplication exponent.
If \omega = 2, as widely believed, the encoding and decoding runtimes are
respectively nearly linear and nearly quadratic. Prior to this work, encoding
(resp. decoding) times of code families beating the Gilbert-Varshamov bound were
quadratic (resp. cubic) or worse.
Entropy Waves, The Zig-Zag Graph Product, and New Constant-Degree Expanders and Extractors
The main contribution of this work is a new type of graph product, which we call the zig-zag product. Taking a product of a large graph with a small graph, the resulting graph inherits (roughly) its size from the large one, its degree from the small one, and its expansion properties from both! Iteration yields simple explicit constructions of constant-degree expanders of every size, starting from one constant-size expander.
Crucial to our intuition (and simple analysis) of the properties of this graph product is the view of expanders as functions which act as "entropy wave" propagators --- they transform probability distributions in which entropy is concentrated in one area to distributions where that concentration is dissipated. In these terms, the graph product affords the constructive interference of two such waves.
A variant of this product can be applied to extractors, giving the first explicit extractors whose seed length depends (poly)logarithmically on only the entropy deficiency of the source (rather than its length) and that extract almost all the entropy of high min-entropy sources. These high min-entropy extractors have several interesting applications, including the first constant-degree explicit expanders which beat the "eigenvalue bound."
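The zig-zag product itself, as an added Python example (not the authors' code), together with the spectral check that motivates it. Both factors are taken here to be Cayley graphs on cyclic groups, a choice made for this example because their rotation maps are explicit and their eigenvalues are exact: G = Cay(Z_15, {±1, ±2, ±4, ±7}) with D = 8 and H = Cay(Z_8, {±1, ±2}) with d = 4, so H has as many vertices as G has edge labels. The product is built through rotation maps exactly as the definition prescribes, a step in H (zig), a step along G using the resulting label, then a step in H (zag); the resulting graph has N·D vertices and degree d², as the abstract states. λ of the cyclic Cayley graphs is computed exactly from characters, λ of the product is estimated by power iteration on the space orthogonal to the all-ones vector.

```python
"""Zig-zag product of two Cayley graphs on cyclic groups via rotation maps.

Added example, not the authors' code. Rotation-map convention:
  Rot_G(v, i) = (w, j)  iff the i-th edge of v leads to w and is w's j-th edge.
Zig-zag step on vertex (v, a) with label (i, j):
  (a', i') = Rot_H(a, i);  (w, b') = Rot_G(v, a');  (b, j') = Rot_H(b', j);
  result ((w, b), (j', i')).
"""
import math
import random
from typing import List, Tuple


class CayleyGraph:
    """Cayley graph of Z_n with a symmetric generator set S (D = |S|)."""

    def __init__(self, n: int, gens: List[int]):
        self.n = n
        self.gens = sorted(g % n for g in gens)
        assert len(set(self.gens)) == len(self.gens), "repeated generator"
        assert all((-g) % n in self.gens for g in self.gens), "S must be symmetric"
        self.degree = len(self.gens)
        # label of the reverse edge: the generator -s, looked up by index
        self.inverse_label = [self.gens.index((-g) % n) for g in self.gens]

    def rot(self, v: int, i: int) -> Tuple[int, int]:
        return (v + self.gens[i]) % self.n, self.inverse_label[i]

    def expansion_lambda(self) -> float:
        """Exact second largest |eigenvalue| of the walk matrix: for a cyclic
        Cayley graph the eigenvalues are (1/D) * sum_s cos(2*pi*k*s/n)."""
        n, D = self.n, self.degree
        return max(abs(sum(math.cos(2 * math.pi * k * s / n) for s in self.gens)) / D
                   for k in range(1, n))


class ZigZag:
    """Zig-zag product of G (N vertices, degree D) and H (D vertices, degree d)."""

    def __init__(self, G: CayleyGraph, H: CayleyGraph):
        assert H.n == G.degree, "H must have one vertex per edge label of G"
        self.G, self.H = G, H
        self.D, self.d = G.degree, H.degree
        self.num_vertices = G.n * self.D
        self.degree = self.d * self.d

    def rot(self, vertex: Tuple[int, int], label: Tuple[int, int]):
        (v, a), (i, j) = vertex, label
        a2, i2 = self.H.rot(a, i)    # zig: small step inside the cloud of v
        w, b2 = self.G.rot(v, a2)    # deterministic step along G's edge a2
        b, j2 = self.H.rot(b2, j)    # zag: small step inside the cloud of w
        return (w, b), (j2, i2)

    def index(self, vertex: Tuple[int, int]) -> int:
        return vertex[0] * self.D + vertex[1]

    def neighbors(self, idx: int) -> List[int]:
        v, a = divmod(idx, self.D)
        return [self.index(self.rot((v, a), (i, j))[0])
                for i in range(self.d) for j in range(self.d)]

    def expansion_lambda(self, iters: int = 400, seed: int = 0) -> float:
        """Power iteration for max |eigenvalue| of the walk matrix on the
        complement of the all-ones vector; the estimate never exceeds the truth."""
        N = self.num_vertices
        nbrs = [self.neighbors(u) for u in range(N)]
        rng = random.Random(seed)
        x = [rng.random() - 0.5 for _ in range(N)]
        est = 0.0
        for _ in range(iters):
            mean = sum(x) / N
            x = [t - mean for t in x]                     # project out the all-ones vector
            norm = math.sqrt(sum(t * t for t in x))
            x = [t / norm for t in x]
            y = [sum(x[w] for w in nbrs[u]) / self.degree for u in range(N)]
            est = math.sqrt(sum(t * t for t in y))        # ||M x|| with ||x|| = 1
            x = y
        return est


if __name__ == "__main__":
    G = CayleyGraph(15, [1, 2, 4, 7, -1, -2, -4, -7])  # constructed: N=15, D=8
    H = CayleyGraph(8, [1, 2, -1, -2])                 # constructed: D=8 vertices, d=4
    Z = ZigZag(G, H)
    print(Z.num_vertices, "vertices, degree", Z.degree)
    print("lambda(G) =", G.expansion_lambda(), " alpha(H) =", H.expansion_lambda())
    print("lambda(zigzag) ~", round(Z.expansion_lambda(), 4))
```

Checking that the product's rotation map is an involution is what certifies the result is an honest undirected d²-regular graph; the spectral estimate then confirms the theorem's qualitative content, that λ of the product stays strictly below 1 whenever both factors expand. With these small factors λ(G) = α = 1/2, so the quantitative bound λ + α + α² is trivial here; the iteration of the abstract is what drives the degree down while keeping λ bounded.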