Results 1  10
of
44
Simple Constructions of Almost kwise Independent Random Variables
, 1992
"... We present three alternative simple constructions of small probability spaces on n bits for which any k bits are almost independent. The number of bits used to specify a point in the sample space is (2 + o(1))(log log n + k/2 + log k + log 1 ɛ), where ɛ is the statistical difference between the dist ..."
Abstract

Cited by 270 (40 self)
 Add to MetaCart
We present three alternative simple constructions of small probability spaces on n bits for which any k bits are almost independent. The number of bits used to specify a point in the sample space is (2 + o(1))(log log n + k/2 + log k + log 1 ɛ), where ɛ is the statistical difference between the distribution induced on any k bit locations and the uniform distribution. This is asymptotically comparable to the construction recently presented by Naor and Naor (our size bound is better as long as ɛ < 1/(k log n)). An additional advantage of our constructions is their simplicity.
SmallBias Probability Spaces: Efficient Constructions and Applications
 SIAM J. Comput
, 1993
"... We show how to efficiently construct a small probability space on n binary random variables such that for every subset, its parity is either zero or one with "almost" equal probability. They are called fflbiased random variables. The number of random bits needed to generate the random var ..."
Abstract

Cited by 256 (14 self)
 Add to MetaCart
(Show Context)
We show how to efficiently construct a small probability space on n binary random variables such that for every subset, its parity is either zero or one with "almost" equal probability. They are called fflbiased random variables. The number of random bits needed to generate the random variables is O(log n + log 1 ffl ). Thus, if ffl is polynomially small, then the size of the sample space is also polynomial. Random variables that are fflbiased can be used to construct "almost" kwise independent random variables where ffl is a function of k. These probability spaces have various applications: 1. Derandomization of algorithms: many randomized algorithms that require only k wise independence of their random bits (where k is bounded by O(log n)), can be derandomized by using fflbiased random variables. 2. Reducing the number of random bits required by certain randomized algorithms, e.g., verification of matrix multiplication. 3. Exhaustive testing of combinatorial circui...
How to recycle random bits
 In Proceedings of the 30th Annual IEEE Symposium on Foundations of Computer Science
, 1989
"... ..."
(Show Context)
Simulating BPP Using a General Weak Random Source
 ALGORITHMICA
, 1996
"... We show how to simulate BPP and approximation algorithms in polynomial time using the output from a ffisource. A ffisource is a weak random source that is asked only once for R bits, and must output an Rbit string according to some distribution that places probability no more than 2 \GammaffiR on ..."
Abstract

Cited by 109 (18 self)
 Add to MetaCart
We show how to simulate BPP and approximation algorithms in polynomial time using the output from a ffisource. A ffisource is a weak random source that is asked only once for R bits, and must output an Rbit string according to some distribution that places probability no more than 2 \GammaffiR on any particular string. We also give an application to the unapproximability of Max Clique.
A.: ChernoffHoeffding bounds for applications with limited independence
 SIAM J. Discret. Math
, 1995
"... ..."
(Show Context)
Dispersers, Deterministic Amplification, and Weak Random Sources.
, 1989
"... We use a certain type of expanding bipartite graphs, called disperser graphs, to design procedures for picking highly correlated samples from a finite set, with the property that the probability of hitting any sufficiently large subset is high. These procedures require a relatively small number of r ..."
Abstract

Cited by 92 (12 self)
 Add to MetaCart
We use a certain type of expanding bipartite graphs, called disperser graphs, to design procedures for picking highly correlated samples from a finite set, with the property that the probability of hitting any sufficiently large subset is high. These procedures require a relatively small number of random bits and are robust with respect to the quality of the random bits. Using these sampling procedures to sample random inputs of polynomial time probabilistic algorithms, we can simulate the performance of some probabilistic algorithms with less random bits or with low quality random bits. We obtain the following results: 1. The error probability of an RP or BPP algorithm that operates with a constant error bound and requires n random bits, can be made exponentially small (i.e. 2 \Gamman ), with only (3 + ffl)n random bits, as opposed to standard amplification techniques that require \Omega\Gamma n 2 ) random bits for the same task. This result is nearly optimal, since the informati...
Extracting Randomness: A Survey and New Constructions
, 1999
"... this paper we do two things. First, we survey extractors and dispersers: what they are, how they can be designed, and some of their applications. The work described in the survey is due to a long list of research papers by various authors##most notably by David Zuckerman. Then, we present a new tool ..."
Abstract

Cited by 88 (4 self)
 Add to MetaCart
this paper we do two things. First, we survey extractors and dispersers: what they are, how they can be designed, and some of their applications. The work described in the survey is due to a long list of research papers by various authors##most notably by David Zuckerman. Then, we present a new tool for constructing explicit extractors and give two new constructions that greatly improve upon previous results. The new tool we devise, a merger," is a function that accepts d strings, one of which is uniformly distributed and outputs a single string that is guaranteed to be uniformly distributed. We show how to build good explicit mergers, and how mergers can be used to build better extractors. Using this, we present two new constructions. The first construction succeeds in extracting all of the randomness from any somewhat random source. This improves upon previous extractors that extract only some of the randomness from somewhat random sources with enough" randomness. The amount of truly random bits used by this extractor, however, is not optimal. The second extractor we build extracts only some of the randomness and works only for sources with enough randomness, but uses a nearoptimal amount of truly random bits. Extractors and dispersers have many applications in removing randomness" in various settings and in making randomized constructions explicit. We survey some of these applications and note whenever our new constructions yield better results, e.g., plugging our new extractors into a previous construction we achieve the first explicit Nsuperconcentrators of linear size and polyloglog(N) depth. ] 1999 Academic Press CONTENTS 1.
Computing with Very Weak Random Sources
, 1994
"... For any fixed 6> 0, we show how to simulate RP algorithms in time nO(‘Ogn) using the output of a 6source wath minentropy R‘. Such a weak random source is asked once for R bits; it outputs an Rbit string such that any string has probability at most 2Rc. If 6> 1 l/(k + l), our BPP simulatio ..."
Abstract

Cited by 76 (7 self)
 Add to MetaCart
For any fixed 6> 0, we show how to simulate RP algorithms in time nO(‘Ogn) using the output of a 6source wath minentropy R‘. Such a weak random source is asked once for R bits; it outputs an Rbit string such that any string has probability at most 2Rc. If 6> 1 l/(k + l), our BPP simulations take time no(‘og(k)n) (log(k) is the logarithm iterated k times). We also gave a polynomialtime BPP simulation using ChorGoldreich sources of minentropy Ro(’), which is optimal. We present applications to timespace tradeoffs, expander constructions, and the hardness of approximation. Also of interest is our randomnessefficient Leflover Hash Lemma, found independently by Goldreich & Wigderson.
Weak Random Sources, Hitting Sets, and BPP Simulations
, 1998
"... We show how to simulate any BPP algorithm in polynomial time using a weak random source of r bits and minentropy r fl for any fl ? 0. This follows from a more general result about sampling with weak random sources. Our result matches an informationtheoretic lower bound and solves a question that ..."
Abstract

Cited by 40 (5 self)
 Add to MetaCart
We show how to simulate any BPP algorithm in polynomial time using a weak random source of r bits and minentropy r fl for any fl ? 0. This follows from a more general result about sampling with weak random sources. Our result matches an informationtheoretic lower bound and solves a question that has been open for some years. The previous best results were a polynomial time simulation of RP [Saks, Srinivasan and Zhou 1995] and a quasipolynomial time simulation of BPP [TaShma 1996]. Departing significantly from previous related works, we do not use extractors; instead, we use the ORdisperser of [Saks, Srinivasan, and Zhou 1995] in combination with a tricky use of hitting sets borrowed from [Andreev, Clementi, and Rolim 1996]. AMS Subject Classification: 68Q10, 11K45. Key Words and Phrases: Derandomization, Imperfect Sources of Randomness, Hitting Sets, Randomized Computations, Expander Graphs. Abbreviated Title: BPP Simulations using Weak Random Sources. 1 Introduction Randomi...
On the (Non)Universality of the OneTime Pad
 In Proc. 43rd FOCS
, 2002
"... Randomization is vital in cryptography: secret keys should be randomly generated and most cryptographic primitives (e.g., encryption) must be probabilistic. As a common abstraction, it is assumed that there is a source of truly random bits available to all the participants of the system. While conve ..."
Abstract

Cited by 26 (12 self)
 Add to MetaCart
(Show Context)
Randomization is vital in cryptography: secret keys should be randomly generated and most cryptographic primitives (e.g., encryption) must be probabilistic. As a common abstraction, it is assumed that there is a source of truly random bits available to all the participants of the system. While convenient, this assumption is often highly unrealistic, and cryptographic systems have to be built based on imperfect sources of randomness. Remarkably, this fundamental problem has received little or no attention so far, despite the fact that a related question of simulating probabilistic (BPP) algorithms with imperfect random sources has a long and rich history.