Simple extractors for all min-entropies and a new pseudo-random generator

Ronen Shaltiel, Christopher Umans

Research output: Contribution to journalArticlepeer-review


We present a simple, self-contained extractor construction that produces good extractors for all min-entropies (min-entropy measures the amount of randomness contained in a weak random source). Our construction is algebraic and builds on a new polynomial-based approach introduced by Ta-Shma, Zuckerman, and Safra. Using our improvements, we obtain, for example, an extractor with output length m = k1-λ and seed length O(log n). This matches the parameters of Trevisan's breakthrough result and additionally achieves those parameters for small min-entropies k. Extending to small k has been the focus of a sequence of recent works. Our construction gives a much simpler and more direct solution to this problem. Applying similar ideas to the problem of building pseudo-random generators, we obtain a new pseudo-random generator construction that is not based on the NW generator, and turns worst-case hardness directly into pseudo-randomness. The parameters of this generator match those in [16, 33] and in particular are strong enough to obtain a new proof that P = BPP if E requires exponential size circuits. Essentially the same construction yields a hitting set generator with optimal seed length that outputs sΩ(1) bits when given a function that requires circuits of size s (for any s). This implies a hardness versus randomness tradeoff for RP and BPP that is optimal (up to polynomial factors), solving an open problem raised by [14]. Our generators can also be used to derandomize AM in a way that improves and extends the results of [4, 18, 20].

Original languageEnglish
Pages (from-to)648-657
Number of pages10
JournalAnnual Symposium on Foundations of Computer Science - Proceedings
StatePublished - 2001
Externally publishedYes

ASJC Scopus subject areas

  • Hardware and Architecture


Dive into the research topics of 'Simple extractors for all min-entropies and a new pseudo-random generator'. Together they form a unique fingerprint.

Cite this