Randomness Extraction in AC0 and with Small Locality
Randomness extractors, which extract high quality (almost-uniform) random
bits from biased random sources, are important objects both in theory and in
practice. While there has been significant progress in obtaining near-optimal
constructions of randomness extractors in various settings, the computational
complexity of randomness extractors is still much less studied. In particular,
it is not clear whether randomness extractors with good parameters can be
computed in several interesting complexity classes that are much weaker than P.
In this paper we study randomness extractors in the following two models of
computation: (1) constant-depth circuits (AC0), and (2) the local computation
model. Previous work in these models, such as [Vio05a], [GVW15] and [BG13],
only achieves constructions with weak parameters. In this work we give explicit
constructions of randomness extractors with much better parameters. As an
application, we use our AC0 extractors to study pseudorandom generators in AC0,
and show that we can construct both cryptographic pseudorandom generators
(under reasonable computational assumptions) and unconditional pseudorandom
generators for space bounded computation with very good parameters.
Our constructions combine several previous techniques in randomness
extractors, as well as introduce new techniques to reduce or preserve the
complexity of extractors, which may be of independent interest. These include
(1) a general way to reduce the error of strong seeded extractors while
preserving the AC0 property and small locality, and (2) a seeded randomness
condenser with small locality.
Comment: 62 page
Entropoid Based Cryptography
By analogy with the developed cryptographic theory of discrete logarithm
problems, we define several hard problems in Entropoid based cryptography, such
as Discrete Entropoid Logarithm Problem (DELP), Computational Entropoid
Diffie-Hellman problem (CEDHP), and Decisional Entropoid Diffie-Hellman Problem
(DEDHP). We post a conjecture that DEDHP is hard in Sylow -subquasigroups.
Next, we instantiate an entropoid Diffie-Hellman key exchange protocol. Due to
the non-commutativity and non-associativity, the entropoid based cryptographic
primitives are supposed to be resistant to quantum algorithms. At the same
time, due to the proposed succinct notation for the power indices, the
communication overhead in the entropoid based Diffie-Hellman key exchange is
very low: for 128 bits of security, 64 bytes in total are communicated in both
directions, and for 256 bits of security, 128 bytes in total are communicated
in both directions.
Our final contribution is in proposing two entropoid based digital signature
schemes. The schemes are constructed with the Fiat-Shamir transformation of an
identification scheme whose security relies on a new hardness assumption:
computing roots in finite entropoids is hard. If this assumption withstands the
test of time, the first proposed signature scheme has excellent properties: for
the classical security levels between 128 and 256 bits, the public and private
key sizes are between 32 and 64, and the signature sizes are between 64 and 128
bytes. The second signature scheme reduces the finding of the roots in finite
entropoids to computing discrete entropoid logarithms. In our opinion, this is
a safer but more conservative design, and it pays the price in doubling the key
sizes and the signature sizes.
We give a proof-of-concept implementation in SageMath 9.2 for all proposed
algorithms and schemes in an appendix.