Limits on the provable consequences of one-way permutations
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
Small-bias probability spaces: efficient constructions and applications
SIAM Journal on Computing
Constant depth circuits, Fourier transform, and learnability
Journal of the ACM (JACM)
The average sensitivity of bounded-depth circuits
Information Processing Letters
Security-preserving hardness-amplification for any regular one-way function
STOC '99 Proceedings of the thirty-first annual ACM symposium on Theory of computing
A Pseudorandom Generator from any One-way Function
SIAM Journal on Computing
Uniform constant-depth threshold circuits for division and iterated multiplication
Journal of Computer and System Sciences - Complexity 2001
Lower bounds on the efficiency of generic cryptographic constructions
FOCS '00 Proceedings of the 41st Annual Symposium on Foundations of Computer Science
FOCS '04 Proceedings of the 45th Annual IEEE Symposium on Foundations of Computer Science
The complexity of constructing pseudorandom generators from hard functions
Computational Complexity
On Constructing Parallel Pseudorandom Generators from One-Way Functions
CCC '05 Proceedings of the 20th Annual IEEE Conference on Computational Complexity
On the Complexity of Hardness Amplification
CCC '05 Proceedings of the 20th Annual IEEE Conference on Computational Complexity
Theory and application of trapdoor functions
SFCS '82 Proceedings of the 23rd Annual Symposium on Foundations of Computer Science
Security preserving amplification of hardness
SFCS '90 Proceedings of the 31st Annual Symposium on Foundations of Computer Science
On hardness amplification of one-way functions
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
On the Security Loss in Cryptographic Reductions
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Limits on the stretch of non-adaptive constructions of pseudo-random generators
TCC'11 Proceedings of the 8th conference on Theory of cryptography
On the complexity of non-adaptively increasing the stretch of pseudorandom generators
TCC'11 Proceedings of the 8th conference on Theory of cryptography
Hi-index | 0.00 |
We prove complexity lower bounds for the tasks of hardness amplification of one-way functions and construction of pseudo-random generators from one-way functions, which are realized non-adaptively in black-box ways. First, we consider the task of converting a one-way function $f : \{0,1\}^n \longrightarrow \{0,1\}^m$ into a harder one-way function $\overline{f} : \{0,1\}^{\overline{n}} \longrightarrow \{0,1\}^{\overline{m}}$, with $\overline{n},\overline{m} \leq poly(n)$, in a black-box way. The hardness is measured as the fraction of inputs any polynomial-size circuit must fail to invert. We show that to use a constant-depth circuit to amplify hardness beyond a polynomial factor, its size must exceed 2poly(n), and to amplify hardness beyond a 2o(n) factor, its size must exceed $2^{2^{o(n)}}$. Moreover, for a constant-depth circuit to amplify hardness beyond an n1+o(1) factor in a security preserving way (with $\overline{n} = O(n)$), it size must exceed $2^{n^{o(1)}}$. Next, we show that if a constant-depth polynomial-size circuit can amplify hardness beyond a polynomial factor in a weakly black-box way, then it must basically embed a hard function in itself. In fact, one can derive from such an amplification procedure a highly parallel one-way function, which is computable by an NC0 circuit (constant-depth polynomial-size circuit with bounded fan-in gates). Finally, we consider the task of constructing a pseudo-random generator $G : \{0,1\}^{\overline{n}} \longrightarrow \{0,1\}^{\overline{m}}$ from a strongly one-way function $f : \{0,1\}^n \longrightarrow \{0,1\}^m$ in a black-box way. We show that any such a construction realized by a constant-depth $2^{n^{o(1)}}$-size circuit can only have a sublinear stretch (with $\overline{m} - \overline{n} = o(\overline{n})$).