19,059 research outputs found
Recommended from our members
Explicit two-source extractors and more
In this thesis we study the problem of extracting almost truly random bits from imperfect sources of randomness. This is motivated by the wide use of randomness in computer science, and the fact that most accessible sources of randomness generate correlated bits, and at best contain some amount of entropy. We follow Chor and Goldreich [CG88] and Zuckerman [Z90], and model weak sources using min-entropy, where an (n,k)-source X is a distribution on n bits and takes any string x with probability at most 2^-k. It is known that it is impossible to extract random bits from a single (n,k)-source, and Chor and Goldreich [CG88] raised the question of extracting randomness from two such independent (n,k)-sources. Existentially, such 2-source randomness extractors exist for min-entropy k >=log n + O(1), but the best known construction prior to work in this thesis requires min-entropy k >=0.499 n [B2]. One of the main contributions of this thesis is an explicit 2-source extractor for min-entropy log^C n, for some constant C. Other results in this thesis include improved ways of extracting random bits from various other sources of randomness, as well as stronger notions of randomness extraction. Our results have applications in privacy amplification [BBR88,Mau92,BBCM95], which is a classical problem in information cryptography, and give protocols that achieve almost optimal parameters. Other applications include explicit constructions of non-malleable codes, which is a relaxation of the notion of error-detection codes and have applications in tamper-resilient cryptography [DPW10].Computer Science
Extractors for Adversarial Sources via Extremal Hypergraphs
Randomness extraction is a fundamental problem that has been studied for over three decades. A well-studied setting assumes that one has access to multiple independent weak random sources, each with some entropy. However, this assumption is often unrealistic in practice. In real life, natural sources of randomness can produce samples with no entropy at all or with unwanted dependence. Motivated by this and applications from cryptography, we initiate a systematic study of randomness extraction for the class of adversarial sources defined as follows.
A weak source of the form , where each is on bits, is an -source of locality if the following hold:
(1) Somewhere good sources: at least of the \u27s are independent, and each contains min-entropy at least . We call these \u27s good sources, and their locations are unknown. (2) Bounded dependence: each remaining (bad) source can depend arbitrarily on at most good sources.
We focus on constructing extractors with negligible error, in the regime where most of the entropy is contained within a few sources instead of across many (i.e., is at least polynomial in ). In this setting, even for the case of -locality, very little is known prior to our work. For , essentially no previous results are known. We present various new extractors for adversarial sources in a wide range of parameters, and some of our constructions work for locality . As an application, we also give improved extractors for small-space sources.
The class of adversarial sources generalizes several previously studied classes of sources, and our explicit extractor constructions exploit tools from recent advances in extractor machinery, such as two-source non-malleable extractors and low-error condensers. Thus, our constructions can be viewed as a new application of non-malleable extractors. In addition, our constructions combine the tools from extractor theory in a novel way through various sorts of explicit extremal hypergraphs. These connections leverage recent progress in combinatorics, such as improved bounds on cap sets and explicit constructions of Ramsey graphs, and may be of independent interest
Three-Source Extractors for Polylogarithmic Min-Entropy
We continue the study of constructing explicit extractors for independent
general weak random sources. The ultimate goal is to give a construction that
matches what is given by the probabilistic method --- an extractor for two
independent -bit weak random sources with min-entropy as small as . Previously, the best known result in the two-source case is an
extractor by Bourgain \cite{Bourgain05}, which works for min-entropy ;
and the best known result in the general case is an earlier work of the author
\cite{Li13b}, which gives an extractor for a constant number of independent
sources with min-entropy . However, the constant in the
construction of \cite{Li13b} depends on the hidden constant in the best known
seeded extractor, and can be large; moreover the error in that construction is
only .
In this paper, we make two important improvements over the result in
\cite{Li13b}. First, we construct an explicit extractor for \emph{three}
independent sources on bits with min-entropy .
In fact, our extractor works for one independent source with poly-logarithmic
min-entropy and another independent block source with two blocks each having
poly-logarithmic min-entropy. Thus, our result is nearly optimal, and the next
step would be to break the barrier in two-source extractors. Second, we
improve the error of the extractor from to
, which is almost optimal and crucial for cryptographic
applications. Some of the techniques developed here may be of independent
interests
Linear Transformations for Randomness Extraction
Information-efficient approaches for extracting randomness from imperfect
sources have been extensively studied, but simpler and faster ones are required
in the high-speed applications of random number generation. In this paper, we
focus on linear constructions, namely, applying linear transformation for
randomness extraction. We show that linear transformations based on sparse
random matrices are asymptotically optimal to extract randomness from
independent sources and bit-fixing sources, and they are efficient (may not be
optimal) to extract randomness from hidden Markov sources. Further study
demonstrates the flexibility of such constructions on source models as well as
their excellent information-preserving capabilities. Since linear
transformations based on sparse random matrices are computationally fast and
can be easy to implement using hardware like FPGAs, they are very attractive in
the high-speed applications. In addition, we explore explicit constructions of
transformation matrices. We show that the generator matrices of primitive BCH
codes are good choices, but linear transformations based on such matrices
require more computational time due to their high densities.Comment: 2 columns, 14 page
Impossibility of independence amplification in Kolmogorov complexity theory
The paper studies randomness extraction from sources with bounded
independence and the issue of independence amplification of sources, using the
framework of Kolmogorov complexity. The dependency of strings and is
, where
denotes the Kolmogorov complexity. It is shown that there exists a
computable Kolmogorov extractor such that, for any two -bit strings with
complexity and dependency , it outputs a string of length
with complexity conditioned by any one of the input
strings. It is proven that the above are the optimal parameters a Kolmogorov
extractor can achieve. It is shown that independence amplification cannot be
effectively realized. Specifically, if (after excluding a trivial case) there
exist computable functions and such that for all -bit strings and with , then
Physical Randomness Extractors: Generating Random Numbers with Minimal Assumptions
How to generate provably true randomness with minimal assumptions? This
question is important not only for the efficiency and the security of
information processing, but also for understanding how extremely unpredictable
events are possible in Nature. All current solutions require special structures
in the initial source of randomness, or a certain independence relation among
two or more sources. Both types of assumptions are impossible to test and
difficult to guarantee in practice. Here we show how this fundamental limit can
be circumvented by extractors that base security on the validity of physical
laws and extract randomness from untrusted quantum devices. In conjunction with
the recent work of Miller and Shi (arXiv:1402:0489), our physical randomness
extractor uses just a single and general weak source, produces an arbitrarily
long and near-uniform output, with a close-to-optimal error, secure against
all-powerful quantum adversaries, and tolerating a constant level of
implementation imprecision. The source necessarily needs to be unpredictable to
the devices, but otherwise can even be known to the adversary.
Our central technical contribution, the Equivalence Lemma, provides a general
principle for proving composition security of untrusted-device protocols. It
implies that unbounded randomness expansion can be achieved simply by
cross-feeding any two expansion protocols. In particular, such an unbounded
expansion can be made robust, which is known for the first time. Another
significant implication is, it enables the secure randomness generation and key
distribution using public randomness, such as that broadcast by NIST's
Randomness Beacon. Our protocol also provides a method for refuting local
hidden variable theories under a weak assumption on the available randomness
for choosing the measurement settings.Comment: A substantial re-writing of V2, especially on model definitions. An
abstract model of robustness is added and the robustness claim in V2 is made
rigorous. Focuses on quantum-security. A future update is planned to address
non-signaling securit
Strong Coordination over Noisy Channels: Is Separation Sufficient?
We study the problem of strong coordination of actions of two agents and
that communicate over a noisy communication channel such that the actions
follow a given joint probability distribution. We propose two novel schemes for
this noisy strong coordination problem, and derive inner bounds for the
underlying strong coordination capacity region. The first scheme is a joint
coordination-channel coding scheme that utilizes the randomness provided by the
communication channel to reduce the local randomness required in generating the
action sequence at agent . The second scheme exploits separate coordination
and channel coding where local randomness is extracted from the channel after
decoding. Finally, we present an example in which the joint scheme is able to
outperform the separate scheme in terms of coordination rate.Comment: 9 pages, 4 figures. An extended version of a paper accepted for the
IEEE International Symposium on Information Theory (ISIT), 201
- …