Pseudorandomness when the odds are against you

Sergei Artemenko, Russell Impagliazzo, Valentine Kabanets, Ronen Shaltiel

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review


Impagliazzo and Wigderson [25] showed that if E = DTIME(2O(n)) requires size 2(n) circuits, then every time T constant-error randomized algorithm can be simulated deterministically in time poly(T). However, such polynomial slowdown is a deal breaker when T = 2α·n, for a constant α> 0, as is the case for some randomized algorithms for NP-complete problems. Paturi and Pudlak [30] observed that many such algorithms are obtained from randomized time T algorithms, for T ϵ2o(n), with large one-sided error 1-ϵ, for ϵ= 2-α·n, that are repeated 1/ϵ times to yield a constant-error randomized algorithm running in time T/ϵ= 2(α+o(1))·n. We show that if E requires size 2(n) nondeterministic circuits, then there is a poly(n)- Time ϵ-HSG (Hitting-Set Generator) H: {0, 1}O(log n)+log(1/ϵ) ! {0, 1}n, implying that time T randomized algorithms with one-sided error 1-ϵ can be simulated in deterministic time poly(T)/ϵ. In particular, under this hardness assumption, the fastest known constant-error randomized algorithm for k-SAT (for k ≥ 4) by Paturi et al. [31] can be made deterministic with essentially the same time bound. This is the first hardness versus randomness tradeoff for algorithms for NP-complete problems. We address the necessity of our assumption by showing that HSGs with very low error imply hardness for nondeterministic circuits with "few" nondeterministic bits. Applebaum et al. [2] showed that "black-box techniques" cannot achieve poly(n)-time computable ϵ-PRGs (Pseudo-Random Generators) for ϵ= n-!(1), even if we assume hardness against circuits with oracle access to an arbitrary language in the polynomial time hierarchy. We introduce weaker variants of PRGs with relative error, that do follow under the latter hardness assumption. Specifically, we say that a function G : {0, 1}r ! {0, 1}n is an (ϵ, δ)-re-PRG for a circuit C if (1 - ϵ) · Pr[C(Un) = 1] - δ ≤ Pr[C(G(Ur) = 1] ≤ (1 + ϵ) ) · Pr[C(Un) = 1] + δ. We construct poly(n)-time computable (ϵ, δ)-re-PRGs with arbitrary polynomial stretch, ϵ = n-O(1) and δ = 2-n(1) . We also construct PRGs with relative error that fool non-boolean distinguishers (in the sense introduced by Dubrov and Ishai [11]). Our techniques use ideas from [30, 43, 2]. Common themes in our proofs are "composing" a PRG/HSG with a combinatorial object such as dispersers and extractors, and the use of nondeterministic reductions in the spirit of Feige and Lund [12].

Original languageEnglish
Title of host publication31st Conference on Computational Complexity, CCC 2016
EditorsRan Raz
PublisherSchloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing
ISBN (Electronic)9783959770088
StatePublished - 1 May 2016
Event31st Conference on Computational Complexity, CCC 2016 - Tokyo, Japan
Duration: 29 May 20161 Jun 2016

Publication series

NameLeibniz International Proceedings in Informatics, LIPIcs
ISSN (Print)1868-8969


Conference31st Conference on Computational Complexity, CCC 2016

Bibliographical note

Publisher Copyright:
© Sergei Artemenko, Russell Impagliazzo, Valentine Kabanets, and Ronen Shaltiel.


  • Derandomization
  • Hitting-set generator
  • Pseudorandom generator
  • Relative error

ASJC Scopus subject areas

  • Software


Dive into the research topics of 'Pseudorandomness when the odds are against you'. Together they form a unique fingerprint.

Cite this