Sparse pseudorandom distributions

Periodica Mathematica Hungarica

In this note we construct an algorithm generating any discrete distribution with an arbitrary coin (and, as a result, with arbitrary initial distribution). The coin need not be fair and the target distribution can be supported on a countable set.

Journal of Cryptology, 2013

We study the complexity of black-box constructions of pseudorandom functions (PRF) from one-way functions (OWF) that are secure against non-uniform adversaries. We show that if OWF do not exist, then given as an oracle any (inefficient) hard-toinvert function, one can compute a PRF in polynomial time with only k(n) oracle queries, for any k(n) = ω(1) (e.g. k(n) = log * n). Combining this with the fact that OWF imply PRF, we show that unconditionally there exists a (pathological) construction of PRF from OWF making at most k(n) queries. This result shows a limitation of a certain class of techniques for proving efficiency lower bounds on the construction of PRF from OWF. Our result builds on the work of Reingold, Trevisan, and Vadhan (TCC '04), who show that when OWF do not exist there is a pseudorandom generator (PRG) construction that makes only one oracle query to the hard-to-invert function. Our proof combines theirs with the Nisan-Wigderson generator (JCSS '94), and with a recent technique by Berman and Haitner (TCC '12). Working in the same context (i.e. when OWF do not exist), we also construct a poly-time PRG with arbitrary polynomial stretch that makes non-adaptive queries to an (inefficient) one-bit-stretch oracle PRG. This contrasts with the well-known adaptive stretch-increasing construction due to Goldreich and Micali. Both above constructions simply apply an affine function (parity or its complement) to the query answers. We complement this by showing that if the post-processing is restricted to only taking projections then non-adaptive constructions of PRF, or even linear-stretch PRG, can be ruled out.

COMBINATORICA, 1998

We formulate the notion of a "good approximation" to a probability distribution over a finite abelian group G. The quality of the approximating distribution is characterized by a parameter ε which is a bound on the difference between corresponding Fourier coefficients of the two distributions. It is also required that the sample space of the approximating distribution be of size polynomial in log |G| and 1/ε. Such approximations are useful in reducing or eliminating the use of randomness in certain randomized algorithms.

Electron. Colloquium Comput. Complex., 2016

Impagliazzo and Wigderson [25] showed that if E = DTIME(2O(n)) requires size 2Ω(n) circuits, then every time T constant-error randomized algorithm can be simulated deterministically in time poly(T). However, such polynomial slowdown is a deal breaker when T = 2α·n, for a constant α > 0, as is the case for some randomized algorithms for NP-complete problems. Paturi and Pudlak [30] observed that many such algorithms are obtained from randomized time T algorithms, for T ≤ 2o(n), with large one-sided error 1 - e, for e = 2-α·n, that are repeated 1/e times to yield a constant-error randomized algorithm running in time T/e = 2(α+o(1))·n. We show that if E requires size 2Ω(n) nondeterministic circuits, then there is a poly(n)-time e-HSG (Hitting-Set Generator) H: {0, 1}O(log n)+log(1/e) → {0, 1}n, implying that time T randomized algorithms with one-sided error 1 - e can be simulated in deterministic time poly(T)/e. In particular, under this hardness assumption, the fastest known constan...

SIAM Journal on Computing, 2000

We study the set of incompressible strings for various resource bounded versions of Kolmogorov complexity. The resource bounded versions of Kolmogorov complexity we study are: polynomial time CD complexity de ned by Sipser, the nondeterministic variant due to Buhrman and Fortnow, and the polynomial space bounded Kolmogorov complexity, CS introduced by Hartmanis. For all of these measures we de ne the set of random strings R CD t , R CND t , and R CS s as the set

Information Processing Letters, 1995

1995

We study the set of resource bounded Kolmogorov random strings: R t = fx j K t (x) jxjg for t a time constructible function such that t(n) 2 n 2 and t(n) 2 2 n O(1). We show that the class of sets that Turing reduce to R t has measure 0 in EXP with respect to the resource-bounded measure introduced by Lutz Lut92]. From this we conclude that R t is not Turing-complete for EXP. This contrasts the resource unbounded setting. There R is Turing-complete for coRE. We show that the class of sets to which R t bounded truth-table reduces, has p 2-measure 0 (therefore, measure 0 in EXP). This answers an open question of Lutz, giving a natural example of a language that is not weakly-complete for EXP and that reduces to a measure 0 class in EXP. It follows that the sets that are p btt-hard for EXP have p 2-measure 0. The measure in EXP just de ned is known to be nontrivial because of the Measure Conservation Theorem Lut92], stating that EXP does not have p 2-measure 0. Similarly, p-measure and measure in E are de ned as follows De nition 7 A class X f0; 1g 1 has p-measure 0 (and we denote it p (X) = 0) i there exists a martingale d 2 p such that, X S d]. A set X f0; 1g 1 has p-measure 1 (and we denote it p (X) = 1) i X c has p-measure 0.

SIAM Journal on Discrete Mathematics, 2016

In this work, we establish a nontrivial level of distribution for densities on {1,. .. , N} obtained by a biased coin convolution. As a consequence of sieving theory, one then derives the expected lower bound for the weight of such densities on sets of pseudo-primes. Introduction.

The starting point of this work is the basic question of whether there exists a formal and meaningful way to limit the computational power that a time bounded randomized Turing Machine can employ on its randomness. We attack this question using a fascinating connection between space and time bounded machines given by Cook [4]: a Turing Machine S running in space s with access to an unbounded stack is equivalent to a Turing Machine T running in time 2 O(s). We extend S with access to a read-only tape containing 2 O(s) uniform random bits, and a usual error regime: one-sided or two-sided, and bounded or unbounded. We study the effect of placing a bound p on the number of passes S is allowed on its random tape. It follows from Cook's results that: • If p = 1 (one-way access) and the error is one-sided unbounded, S is equivalent to deterministic T. • If p = ∞ (unrestricted access), S is equivalent to randomized T (with the same error). As our first two contributions, we completely resolve the case of unbounded error. We show that we cannot meaningfully interpolate between deterministic and randomized T by increasing p: • If p = 1 and the error is two-sided unbounded, S is still equivalent to deterministic T. • If p = 2 and the error is unbounded, S is already equivalent to randomized T (with the same error). In the bounded error case, we consider a logarithmic space Stack Machine S that is allowed p passes over its randomness. Of particular interest is the case p = 2 (log n) i , where n is the input length, and i is a positive integer. Intuitively, we show that S performs polynomial time computation on its input and parallel (preprocessing plus NC i) computation on its randomness. Formally, we introduce Randomness Compilers. In this model, a polynomial time Turing Machine gets an input x and outputs a (polynomial size, bounded fan-in) circuit C x that takes random inputs. Acceptance of x is determined by the acceptance probability of C x. We say that the randomness compiler has depth d if C x has depth d(|x|). As our third contribution, we show that: • S simulates, and is in turn simulated by, a randomness compiler with depth O (log n) i , and O (log n) i+1 , respectively. Randomness Compilers are a formal refinement of polynomial time randomized Turing Machines that might elicit independent interest.

Lecture Notes in Computer Science, 2014

Suppose that we are given an infinite binary sequence which is random for a Bernoulli measure of parameter p. By the law of large numbers, the frequency of zeros in the sequence tends to p, and thus we can get better and better approximations of p as we read the sequence. We study in this paper a similar question, but from the viewpoint of inductive inference. We suppose now that p is a computable real, but one asks for more: as we are reading more and more bits of our random sequence, we have to eventually guess the exact parameter p (in the form of a Turing code). Can one do such a thing uniformly on all sequences that are random for computable Bernoulli measures, or even on a 'large enough' fraction of them? In this paper, we give a negative answer to this question. In fact, we prove a very general negative result which extends far beyond the class of Bernoulli measures.