Simple Extractors for All Min-Entropies and a New Pseudo-Random Generator
Journal of the ACM, 2001
Cited by 107 (30 self)
A "randomness extractor" is an algorithm that, given a sample from a distribution with sufficiently high min-entropy and a short random seed, produces an output that is statistically indistinguishable from uniform. (Min-entropy is a measure of the amount of randomness in a distribution.) We present a simple, self-contained extractor construction that produces good extractors for all min-entropies. Our construction is algebraic and builds on a new polynomial-based approach introduced by Ta-Shma, Zuckerman, and Safra [TSZS01]. Using our improvements, we obtain, for example, an extractor with output length m = k/(log n)^{O(1/α)} and seed length (1 + α) log n for an arbitrary 0 < α ≤ 1, where n is the input length and k is the min-entropy of the input distribution. A "pseudo-random generator" is an algorithm that, given a short random seed, produces a long output that is computationally indistinguishable from uniform. Our technique also gives a new way to construct pseudo-random generators from functions that require large circuits. Our pseudo-random generator construction is not based on the Nisan-Wigderson generator [NW94], and turns worst-case hardness directly into pseudo-randomness. The parameters of our generator match those in [IW97, STV01] and in particular are strong enough to obtain a new proof that P = BPP if E requires exponential-size circuits.
Subquadratic-time factoring of polynomials over finite fields
Math. Comp., 1998
Cited by 68 (11 self)
New probabilistic algorithms are presented for factoring univariate polynomials over finite fields. The algorithms factor a polynomial of degree n over a finite field of constant cardinality in time O(n^{1.815}). Previous algorithms required time Θ(n^{2+o(1)}). The new algorithms rely on fast matrix multiplication techniques. More generally, to factor a polynomial of degree n over the finite field F_q with q elements, the algorithms use O(n^{1.815} log q) arithmetic operations in F_q. The new "baby step/giant step" techniques used in our algorithms also yield new fast practical algorithms at super-quadratic asymptotic running time, and subquadratic-time methods for manipulating normal bases of finite fields.
Discrete logarithms in GF(p) using the number field sieve
SIAM J. Discrete Math., 1993
Cited by 63 (1 self)
Recently, several algorithms using number field sieves have been given to factor a number n in heuristic expected time L_n[1/3; c], where L_n[v; c] = exp{(c + o(1)) (log n)^v (log log n)^{1−v}}, for n → ∞. In this paper we present an algorithm to solve the discrete logarithm problem for GF(p) with heuristic expected running time L_p[1/3; 3^{2/3}]. For numbers of a special form, there is an asymptotically slower but more practical version of the algorithm.
Explicit bounds for primes in residue classes
Math. Comp., 1996
Cited by 17 (1 self)
Let E/K be an abelian extension of number fields, with E ≠ Q. Let ∆ and n denote the absolute discriminant and degree of E. Let σ denote an element of the Galois group of E/K. We prove the following theorems, assuming the Extended Riemann Hypothesis: (1) There is a degree-1 prime p of K whose Artin symbol equals σ, satis ...
On Exponential Sums and Group Generators for Elliptic Curves over Finite Fields
2000
Cited by 17 (12 self)
In the paper an upper bound is established for certain exponential sums, analogous to Gaussian sums, defined on the points of an elliptic curve over a prime finite field. The bound is applied to prove the existence of group generators for the set of points on an elliptic curve over F_q among certain sets of bounded size. We apply this estimate to obtain a deterministic O(q^{1/2+ε}) algorithm for finding generators of the group in echelon form, and in particular to determine its group structure.
Generators and irreducible polynomials over finite fields
Mathematics of Computation, 1997
Cited by 16 (4 self)
Weil's character sum estimate is used to study the problem of constructing generators for the multiplicative group of a finite field. An application to the distribution of irreducible polynomials is given, which confirms an asymptotic version of a conjecture of Hansen-Mullen.
Elements Of Provable High Orders In Finite Fields
Proc. American Math. Soc., 1997
Cited by 12 (4 self)
A method is given for constructing elements in F_{q^n} whose orders are larger than any polynomial in n when n becomes large. As a by-product, a theorem on multiplicative independence of compositions of polynomials is proved.
Counting Curves and Their Projections
Computational Complexity, 1996
Cited by 10 (1 self)
Some deterministic and probabilistic methods are presented for counting and estimating the number of points on curves over finite fields, and on their projections. The classical question of estimating the size of the image of a univariate polynomial is a special case. For curves given by sparse polynomials, the counting problem is #P-complete via probabilistic parsimonious Turing reductions.
1. Introduction
One of the most celebrated results in algebraic geometry is Weil's theorem on the number of points on algebraic curves over a finite field. In this paper, we address some computational problems related to this question. Our main results are:
- A "computational Weil estimate" for projections of curves and images of polynomials, in Section 3.
- #P-completeness of the exact counting problem for sparse curves, in Section 4.
We consider a finite field F_q with q elements, an algebraic closure K of F_q, a polynomial f ∈ F_q[x, y] of degree n, the plane curve C = {f = 0 ...