Generating quasi-random sequences from semi-random sources
Journal of Computer and System Sciences
How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology - CRYPTO '86
Unbiased bits from sources of weak randomness and probabilistic communication complexity
SIAM Journal on Computing - Special issue on cryptography
The knowledge complexity of interactive proof systems
SIAM Journal on Computing
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Journal of Computer and System Sciences
On the Composition of Zero-Knowledge Proof Systems
SIAM Journal on Computing
On recycling the randomness of states in space bounded computation
STOC '99 Proceedings of the thirty-first annual ACM symposium on Theory of computing
Randomness conductors and constant-degree lossless expanders
STOC '02 Proceedings of the thirty-fourth annual ACM symposium on Theory of computing
ICALP '00 Proceedings of the 27th International Colloquium on Automata, Languages and Programming
Improved Online/Offline Signature Schemes
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
A "Paradoxical" Identity-Based Signature Scheme Resulting from Zero-Knowledge
CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
FOCS '99 Proceedings of the 40th Annual Symposium on Foundations of Computer Science
Extracting randomness from samplable distributions
FOCS '00 Proceedings of the 41st Annual Symposium on Foundations of Computer Science
How to Go Beyond the Black-Box Simulation Barrier
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
On the (In)security of the Fiat-Shamir Paradigm
FOCS '03 Proceedings of the 44th Annual IEEE Symposium on Foundations of Computer Science
Extracting Randomness via Repeated Condensing
SIAM Journal on Computing
Analysis of the Linux Random Number Generator
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Deterministic extractors for small-space sources
Proceedings of the thirty-eighth annual ACM symposium on Theory of computing
Lower bounds for non-black-box zero knowledge
Journal of Computer and System Sciences - Special issue on FOCS 2003
The bit extraction problem or t-resilient functions
SFCS '85 Proceedings of the 26th Annual Symposium on Foundations of Computer Science
Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data
SIAM Journal on Computing
Unbalanced expanders and randomness extractors from Parvaresh-Vardy codes
Journal of the ACM (JACM)
Probabilistically Checkable Arguments
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Leftover Hash Lemma, revisited
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Extractors for Circuit Sources
FOCS '11 Proceedings of the 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science
Generalized strong extractors and deterministic privacy amplification
IMA'05 Proceedings of the 10th international conference on Cryptography and Coding
Barriers in cryptography with weak, correlated and leaky sources
Proceedings of the 4th conference on Innovations in Theoretical Computer Science
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
Why "Fiat-Shamir for proofs" lacks a proof
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
We initiate a study of randomness condensers for sources that are efficiently samplable but may depend on the seed of the condenser. That is, we seek functions $\mathrm{Cond} : \{0,1\}^n \times \{0,1\}^d \to \{0,1\}^m$ such that if we choose a random seed $S \leftarrow \{0,1\}^d$, and a source $X = A(S)$ is generated by a randomized circuit $A$ of size $t$ such that $X$ has min-entropy at least $k$ given $S$, then $\mathrm{Cond}(X;S)$ should have min-entropy at least some $k'$ given $S$. The distinction from the standard notion of randomness condensers is that the source $X$ may be correlated with the seed $S$ (but is restricted to be efficiently samplable). Randomness extractors of this type (corresponding to the special case where $k' = m$) have been implicitly studied in the past (by Trevisan and Vadhan, FOCS '00).

We show that:

- Unlike extractors, we can have randomness condensers for samplable, seed-dependent sources whose computational complexity is smaller than the size $t$ of the adversarial sampling algorithm $A$. Indeed, we show that sufficiently strong collision-resistant hash functions are seed-dependent condensers that produce outputs with min-entropy $k' = m - O(\log t)$, i.e. logarithmic entropy deficiency.
- Randomness condensers suffice for key derivation in many cryptographic applications: when an adversary has negligible success probability (or negligible "squared advantage" [3]) for a uniformly random key, we can use instead a key generated by a condenser whose output has logarithmic entropy deficiency.
- Randomness condensers for seed-dependent samplable sources that are robust to side information generated by the sampling algorithm imply soundness of the Fiat-Shamir Heuristic when applied to any constant-round, public-coin interactive proof system.
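The gap between extraction and condensing for a seed-dependent sampler can be computed exactly on a toy instance. The following is an added example, not code from the paper: the sizes, the function names and the use of truncated SHA-256 as a stand-in for the seeded hash are assumptions, and the single resampling sampler it models illustrates the first claim rather than reproducing the paper's proof.

```python
import hashlib
from math import log2

N_BITS, M_BITS = 12, 6      # toy sizes (assumption), small enough to enumerate
TOP = 1 << (M_BITS - 1)     # outputs below TOP have top bit 0

def h(seed: bytes, x: int) -> int:
    """Seeded hash truncated to M_BITS; stands in for Cond(x; seed)."""
    digest = hashlib.sha256(seed + x.to_bytes(2, "big")).digest()
    return digest[0] >> (8 - M_BITS)

def honest_dist(seed: bytes) -> list[float]:
    """Exact distribution of h(seed, X) for X uniform and independent of seed."""
    p = [0.0] * (1 << M_BITS)
    for x in range(1 << N_BITS):
        p[h(seed, x)] += 1 / (1 << N_BITS)
    return p

def adversarial_dist(seed: bytes, t: int) -> list[float]:
    """Exact output distribution when the sampler A(seed) draws up to t uniform
    inputs and outputs the first whose hash has top bit 0 (else the t-th)."""
    p = honest_dist(seed)
    p1 = sum(p[TOP:])                           # Pr[top bit = 1] on one draw
    accept = sum(p1 ** i for i in range(t))     # i rejected draws, then a hit
    return [p[y] * (accept if y < TOP else p1 ** (t - 1))
            for y in range(1 << M_BITS)]

def min_entropy(dist: list[float]) -> float:
    return -log2(max(dist))

def report(seed: bytes, t: int) -> dict:
    """Compare the seed-dependent output with uniform on M_BITS bits."""
    q = adversarial_dist(seed, t)
    uniform = 1 / (1 << M_BITS)
    return {
        "total_mass": sum(q),
        "pr_top_bit_zero": sum(q[:TOP]),
        "distance_from_uniform": 0.5 * sum(abs(v - uniform) for v in q),
        "deficiency_honest": M_BITS - min_entropy(honest_dist(seed)),
        "deficiency_adversarial": M_BITS - min_entropy(q),
        "log2_t": log2(t),
    }

if __name__ == "__main__":
    # Constructed seed and sampler budget, for illustration only.
    for name, value in report(b"constructed-seed", 16).items():
        print(f"{name:24s} {value:.4f}")
```

The sampler fixes one output bit almost surely, so the output is far from uniform, yet no single output value gains more than a factor of t in probability, which keeps the added entropy deficiency within log2(t) bits.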