187 research outputs found
Variations on Classical and Quantum Extractors
Many constructions of randomness extractors are known to work in the presence
of quantum side information, but there also exist extractors which do not
[Gavinsky {\it et al.}, STOC'07]. Here we find that spectral extractors
with a bound on the second largest eigenvalue
are quantum-proof. We then discuss fully
quantum extractors and call constructions that also work in the presence of
quantum correlations decoupling. As in the classical case we show that spectral
extractors are decoupling. The drawback of classical and quantum spectral
extractors is that they always have a long seed, whereas there exist classical
extractors with exponentially smaller seed size. For the quantum case, we show
that there exists an extractor with extremely short seed size
, where denotes the quality of the
randomness. In contrast to the classical case this is independent of the input
size and min-entropy and matches the simple lower bound
.Comment: 7 pages, slightly enhanced IEEE ISIT submission including all the
proof
Better short-seed quantum-proof extractors
We construct a strong extractor against quantum storage that works for every
min-entropy , has logarithmic seed length, and outputs bits,
provided that the quantum adversary has at most qubits of memory, for
any \beta < \half. The construction works by first condensing the source
(with minimal entropy-loss) and then applying an extractor that works well
against quantum adversaries when the source is close to uniform.
We also obtain an improved construction of a strong quantum-proof extractor
in the high min-entropy regime. Specifically, we construct an extractor that
uses a logarithmic seed length and extracts bits from any source
over \B^n, provided that the min-entropy of the source conditioned on the
quantum adversary's state is at least , for any \beta < \half.Comment: 14 page
On Extractors and Exposure-Resilient Functions for Sublogarithmic Entropy
We study deterministic extractors for oblivious bit-fixing sources (a.k.a.
resilient functions) and exposure-resilient functions with small min-entropy:
of the function's n input bits, k << n bits are uniformly random and unknown to
the adversary. We simplify and improve an explicit construction of extractors
for bit-fixing sources with sublogarithmic k due to Kamp and Zuckerman (SICOMP
2006), achieving error exponentially small in k rather than polynomially small
in k. Our main result is that when k is sublogarithmic in n, the short output
length of this construction (O(log k) output bits) is optimal for extractors
computable by a large class of space-bounded streaming algorithms.
Next, we show that a random function is an extractor for oblivious bit-fixing
sources with high probability if and only if k is superlogarithmic in n,
suggesting that our main result may apply more generally. In contrast, we show
that a random function is a static (resp. adaptive) exposure-resilient function
with high probability even if k is as small as a constant (resp. log log n). No
explicit exposure-resilient functions achieving these parameters are known
On the Commitment Capacity of Unfair Noisy Channels
Noisy channels are a valuable resource from a cryptographic point of view.
They can be used for exchanging secret-keys as well as realizing other
cryptographic primitives such as commitment and oblivious transfer. To be
really useful, noisy channels have to be consider in the scenario where a
cheating party has some degree of control over the channel characteristics.
Damg\r{a}rd et al. (EUROCRYPT 1999) proposed a more realistic model where such
level of control is permitted to an adversary, the so called unfair noisy
channels, and proved that they can be used to obtain commitment and oblivious
transfer protocols. Given that noisy channels are a precious resource for
cryptographic purposes, one important question is determining the optimal rate
in which they can be used. The commitment capacity has already been determined
for the cases of discrete memoryless channels and Gaussian channels. In this
work we address the problem of determining the commitment capacity of unfair
noisy channels. We compute a single-letter characterization of the commitment
capacity of unfair noisy channels. In the case where an adversary has no
control over the channel (the fair case) our capacity reduces to the well-known
capacity of a discrete memoryless binary symmetric channel
Samplers and Extractors for Unbounded Functions
Blasiok (SODA\u2718) recently introduced the notion of a subgaussian sampler, defined as an averaging sampler for approximating the mean of functions f from {0,1}^m to the real numbers such that f(U_m) has subgaussian tails, and asked for explicit constructions. In this work, we give the first explicit constructions of subgaussian samplers (and in fact averaging samplers for the broader class of subexponential functions) that match the best known constructions of averaging samplers for [0,1]-bounded functions in the regime of parameters where the approximation error epsilon and failure probability delta are subconstant. Our constructions are established via an extension of the standard notion of randomness extractor (Nisan and Zuckerman, JCSS\u2796) where the error is measured by an arbitrary divergence rather than total variation distance, and a generalization of Zuckerman\u27s equivalence (Random Struct. Alg.\u2797) between extractors and samplers. We believe that the framework we develop, and specifically the notion of an extractor for the Kullback-Leibler (KL) divergence, are of independent interest. In particular, KL-extractors are stronger than both standard extractors and subgaussian samplers, but we show that they exist with essentially the same parameters (constructively and non-constructively) as standard extractors
- …