On pseudorandom generators with linear stretch in NC0

Benny Applebaum, Yuval Ishai, Eyal Kushilevitz

Research output: Contribution to journalArticlepeer-review


We consider the question of constructing cryptographic pseudorandom generators (PRGs) in NC0, namely ones in which each bit of the output depends on just a constant number of input bits. Previous constructions of such PRGs were limited to stretching a seed of n bits to n + o(n) bits. This leaves open the existence of a PRG with a linear (let alone superlinear) stretch in NC0. In this work we study this question and obtain the following main results: 1. We show that the existence of a linear-stretch PRG in NC 0 implies non-trivial hardness of approximation results without relying on PCP machinery. In particular, it implies that Max3SAT is hard to approximate to within some multiplicative constant. 2. We construct a linear-stretch PRG in NC0 under a specific intractability assumption related to the hardness of decoding "sparsely generated" linear codes. Such an assumption was previously conjectured by Alekhnovich (FOCS 2003).

Original languageEnglish
Pages (from-to)38-69
Number of pages32
JournalComputational Complexity
Issue number1
StatePublished - Apr 2008
Externally publishedYes


  • Constant depth circuits
  • Cryptography
  • Pseudorandom generators
  • nc0


Dive into the research topics of 'On pseudorandom generators with linear stretch in NC0'. Together they form a unique fingerprint.

Cite this