On the Security of Goldreich's One-Way Function
APPROX '09 / RANDOM '09 Proceedings of the 12th International Workshop and 13th International Workshop on Approximation, Randomization, and Combinatorial Optimization. Algorithms and Techniques
Goldreich (ECCC 2000) proposed a candidate one-way function construction which is parameterized by the choice of a small predicate (over $d = O(1)$ variables) and of a bipartite expanding graph of right-degree $d$. The function is computed by labeling the $n$ vertices on the left with the bits of the input, labeling each of the $n$ vertices on the right with the value of the predicate applied to the neighbors, and outputting the $n$-bit string of labels of the vertices on the right. Inverting Goldreich's one-way function is equivalent to finding solutions to a certain constraint satisfaction problem (which easily reduces to SAT) having a "planted solution," and so the use of SAT solvers constitutes a natural class of attacks. We perform an experimental analysis using MiniSat, which is one of the best publicly available algorithms for SAT. Our experiment shows that the running time required to invert the function grows exponentially with the length of the input, and that such an attack becomes infeasible already with small input length (a few hundred bits). Motivated by these encouraging experiments, we initiate a rigorous study of the limitations of back-tracking based SAT solvers as attacks against Goldreich's function. Results by Alekhnovich, Hirsch and Itsykson imply that Goldreich's function is secure against "myopic" backtracking algorithms (an interesting subclass) if the 3-ary parity predicate $P(x_1, x_2, x_3) = x_1 \oplus x_2 \oplus x_3$ is used. One must, however, use non-linear predicates in the construction, which otherwise succumbs to a trivial attack via Gaussian elimination. We generalized the work of Alekhnovich et al. to handle a more general class of predicates, and we present a lower bound for the construction that uses the predicate $P_d(x_1, \ldots, x_d) := x_1 \oplus x_2 \oplus \cdots \oplus x_{d-2} \oplus (x_{d-1} \wedge x_d)$ and a random graph.
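The construction and the reason for requiring a non-linear predicate can be seen in a short added example (not code from the paper, which used MiniSat): it evaluates the function on a constructed random graph and shows that with the parity predicate the output is a linear system over GF(2) that Gauss-Jordan elimination solves. All function names are assumptions, and the graph is sampled at random without any check of its expansion.

```python
import random

def random_graph(n, d, rng):
    # Constructed instance: each right vertex gets d distinct left neighbours.
    return [rng.sample(range(n), d) for _ in range(n)]

def parity(bits):
    # Linear predicate x_1 ^ ... ^ x_d.
    return sum(bits) & 1

def p_d(bits):
    # Non-linear predicate x_1 ^ ... ^ x_{d-2} ^ (x_{d-1} & x_d).
    return (sum(bits[:-2]) & 1) ^ (bits[-2] & bits[-1])

def goldreich(graph, pred, x):
    # Output bit j is the predicate applied to the input bits adjacent to right vertex j.
    return [pred([x[i] for i in nbrs]) for nbrs in graph]

def solve_parity(graph, y):
    # With the parity predicate, y = Ax over GF(2): Gauss-Jordan on bitmask rows.
    n = len(y)
    rows = [sum(1 << i for i in nbrs) | (b << n) for nbrs, b in zip(graph, y)]
    pivots = []
    for col in range(n):
        hit = next((r for r in rows if r >> col & 1), None)
        if hit is None:
            continue  # free variable, left at 0
        rows.remove(hit)
        rows = [r ^ hit if r >> col & 1 else r for r in rows]
        pivots = [(c, p ^ hit if p >> col & 1 else p) for c, p in pivots]
        pivots.append((col, hit))
    x = [0] * n
    for col, p in pivots:
        x[col] = p >> n & 1  # right-hand side bit of the reduced row
    return x

def parity_preimage_found(n=64, d=3, seed=0):
    # Returns True when elimination yields some x' with f(x') == f(x).
    rng = random.Random(seed)
    graph = random_graph(n, d, rng)
    x = [rng.randrange(2) for _ in range(n)]
    y = goldreich(graph, parity, x)
    return goldreich(graph, parity, solve_parity(graph, y)) == y

if __name__ == "__main__":
    print("parity instance inverted by linear algebra:", parity_preimage_found())
    a, b = [0, 0, 0, 1, 0], [0, 0, 0, 0, 1]
    ab = [s ^ t for s, t in zip(a, b)]
    print("P_d additive on (a, b)?", p_d(a) ^ p_d(b) == p_d(ab))  # False: not linear
```

The recovered preimage need not equal the planted input when the system has free variables; it only has to map to the same output.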