On the power of the randomized iterate

Iftach Haitner*, Danny Harnik, Omer Reingold

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review


We consider two of the most fundamental theorems in Cryptography. The first, due to Håstad et al. [HILL99], is that pseudorandom generators can be constructed from any one-way function. The second due to Yao [Yao82] states that the existence of weak one-way functions (i.e. functions on which every efficient algorithm fails to invert with some noticeable probability) implies the existence of full fledged one-way functions. These powerful plausibility results shape our understanding of hardness and randomness in Cryptography. Unfortunately, the reductions given in [HILL99, Yao82] are not as security preserving as one may desire. The main reason for the security deterioration is the input blow up in both of these constructions. For example, given one-way functions on n bits one obtains by [HILL99] pseudorandom generators with seed length Ω(n8). This paper revisits a technique that we call the Randomized Iterate, introduced by Goldreich, et. al. [GKL93]. This technique was used in [GKL93] to give a construction of pseudorandom generators from regular one-way functions. We simplify and strengthen this technique in order to obtain a similar reduction where the seed length of the resulting generators is as short as Ο(n log n) rather than Ω(n3) in [GKL93]. Our technique has the potential of implying seed-length Ο(n), and the only bottleneck for such a result is the parameters of current generators against space bounded computations. We give a reduction with similar parameters for security amplification of regular one-way functions. This improves upon the reduction of Goldreich et al. [GIL+90] in that the reduction does not need to know the regularity parameter of the functions (in terms of security, the two reductions are incomparable). Finally, we show that the randomized iterate may even be useful in the general context of [HILL99]. In Particular, we use the randomized iterate to replace the basic building block of the [HILL99] construction. Interestingly, this modification improves efficiency by an n 3 factor and reduces the seed length to Ο(n7) (which also implies improvement in the security of the construction).

Original languageEnglish
Title of host publicationAdvances in Cryptology - CRYPTO 2006 - 26th Annual International Cryptology Conference, Proceedings
PublisherSpringer Verlag
Number of pages19
ISBN (Print)3540374329, 9783540374329
StatePublished - 2006
Externally publishedYes
Event26th Annual International Cryptology Conference, CRYPTO 2006 - Seattle, WA, United States
Duration: 20 Aug 200624 Aug 2006

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4117 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference26th Annual International Cryptology Conference, CRYPTO 2006
Country/TerritoryUnited States
CitySeattle, WA


Dive into the research topics of 'On the power of the randomized iterate'. Together they form a unique fingerprint.

Cite this