Extractors: applications and constructions Avi Wigderson IAS, Princeton Randomness.

Slides:



Advertisements
Similar presentations
Randomness Conductors Expander Graphs Randomness Extractors Condensers Universal Hash Functions
Advertisements

Randomness Conductors (II) Expander Graphs Randomness Extractors Condensers Universal Hash Functions
PRG for Low Degree Polynomials from AG-Codes Gil Cohen Joint work with Amnon Ta-Shma.
An Introduction to Randomness Extractors Ronen Shaltiel University of Haifa Daddy, how do computers get random bits?
Linear-Degree Extractors and the Inapproximability of Max Clique and Chromatic Number David Zuckerman University of Texas at Austin.
Randomness Extractors & their Cryptographic Applications Salil Vadhan Harvard University
Randomness Extractors: Motivation, Applications and Constructions Ronen Shaltiel University of Haifa.
Extracting Randomness From Few Independent Sources Boaz Barak, IAS Russell Impagliazzo, UCSD Avi Wigderson, IAS.
Deterministic extractors for bit- fixing sources by obtaining an independent seed Ariel Gabizon Ran Raz Ronen Shaltiel Seedless.
Extracting Randomness David Zuckerman University of Texas at Austin.
Approximate List- Decoding and Hardness Amplification Valentine Kabanets (SFU) joint work with Russell Impagliazzo and Ragesh Jaiswal (UCSD)
Talk for Topics course. Pseudo-Random Generators pseudo-random bits PRG seed Use a short “ seed ” of very few truly random bits to generate a long string.
Simple extractors for all min- entropies and a new pseudo- random generator Ronen Shaltiel Chris Umans.
Expander Graphs, Randomness Extractors and List-Decodable Codes Salil Vadhan Harvard University Joint work with Venkat Guruswami (UW) & Chris Umans (Caltech)
List decoding and pseudorandom constructions: lossless expanders and extractors from Parvaresh-Vardy codes Venkatesan Guruswami Carnegie Mellon University.
The Unified Theory of Pseudorandomness Salil Vadhan Harvard University See also monograph-in-progress Pseudorandomness
Extractors: applications and constructions Avi Wigderson IAS, Princeton Randomness.
Robust Randomness Expansion Upper and Lower Bounds Matthew Coudron, Thomas Vidick, Henry Yuen arXiv:
Deterministic Amplification of Space-Bounded Probabilistic Algorithms Ziv Bar-Yossef Oded Goldreich U.C. Berkeley Weizmann Institute U.C. Berkeley Weizmann.
Complexity Theory Lecture 11 Lecturer: Moni Naor.
NON-MALLEABLE EXTRACTORS AND SYMMETRIC KEY CRYPTOGRAPHY FROM WEAK SECRETS Yevgeniy Dodis and Daniel Wichs (NYU) STOC 2009.
Derandomized parallel repetition theorems for free games Ronen Shaltiel, University of Haifa.
Randomness Extractors & their Many Guises Salil Vadhan Harvard University to be posted at
Randomized Algorithms Kyomin Jung KAIST Applied Algorithm Lab Jan 12, WSAC
Some Limits on Non-Local Randomness Expansion Matt Coudron and Henry Yuen /12/12 God does not play dice. --Albert Einstein Einstein, stop telling.
Time vs Randomness a GITCS presentation February 13, 2012.
Randomness Extractors: Motivation, Applications and Constructions Ronen Shaltiel University of Haifa.
1 Algorithms for Large Data Sets Ziv Bar-Yossef Lecture 13 June 25, 2006
Yi Wu (CMU) Joint work with Parikshit Gopalan (MSR SVC) Ryan O’Donnell (CMU) David Zuckerman (UT Austin) Pseudorandom Generators for Halfspaces TexPoint.
Derandomization: New Results and Applications Emanuele Viola Harvard University March 2006.
Constant Degree, Lossless Expanders Omer Reingold AT&T joint work with Michael Capalbo (IAS), Salil Vadhan (Harvard), and Avi Wigderson (Hebrew U., IAS)
ACT1 Slides by Vera Asodi & Tomer Naveh. Updated by : Avi Ben-Aroya & Alon Brook Adapted from Oded Goldreich’s course lecture notes by Sergey Benditkis,
3-source extractors, bi-partite Ramsey graphs, and other explicit constructions Boaz barak rOnen shaltiel Benny sudakov avi wigderson Joint work with GUY.
Derandomizing LOGSPACE Based on a paper by Russell Impagliazo, Noam Nissan and Avi Wigderson Presented by Amir Rosenfeld.
1 Streaming Computation of Combinatorial Objects Ziv Bar-Yossef U.C. Berkeley Omer Reingold AT&T Labs – Research Ronen.
The Power of Randomness in Computation 呂及人中研院資訊所.
Extractors with Weak Random Seeds Ran Raz Weizmann Institute.
Simulating independence: new constructions of Condensers, Ramsey Graphs, Dispersers and Extractors Boaz Barak Guy Kindler Ronen Shaltiel Benny Sudakov.
Randomness – A computational complexity view Avi Wigderson Institute for Advanced Study.
Randomness (and Pseudorandomness) Avi Wigderson IAS, Princeton
The Power and Weakness of Randomness (when you are short on time) Avi Wigderson School of Mathematics Institute for Advanced Study.
Why Extractors? … Extractors, and the closely related “Dispersers”, exhibit some of the most “random-like” properties of explicitly constructed combinatorial.
Endre Szemerédi & TCS Avi Wigderson IAS, Princeton.
Extractors: applications and constructions Avi Wigderson IAS, Princeton Randomness Seeded.
Some Fundamental Insights of Computational Complexity Theory Avi Wigderson IAS, Princeton, NJ Hebrew University, Jerusalem.
When is Randomness Extraction Possible? David Zuckerman University of Texas at Austin.
Amplification and Derandomization Without Slowdown Dana Moshkovitz MIT Joint work with Ofer Grossman (MIT)
1 Explicit Two-Source Extractors and Resilient Functions Eshan Chattopadhyay David Zuckerman UT Austin.
Randomness & Pseudorandomness Avi Wigderson IAS, Princeton.
Randomness Extraction Beyond the Classical World Kai-Min Chung Academia Sinica, Taiwan 1 Based on joint works with Xin Li, Yaoyun Shi, and Xiaodi Wu.
RANDOMNESS VS. MEMORY: Prospects and Barriers Omer Reingold, Microsoft Research and Weizmann With insights courtesy of Moni Naor, Ran Raz, Luca Trevisan,
CS774. Markov Random Field : Theory and Application Lecture 15 Kyomin Jung KAIST Oct
Pseudo-random generators Talk for Amnon ’ s seminar.
Error-Correcting Codes and Pseudorandom Projections Luca Trevisan U.C. Berkeley.
New Results of Quantum-proof Randomness Extractors Xiaodi Wu (MIT) 1 st Trustworthy Quantum Information Workshop Ann Arbor, USA 1 based on work w/ Kai-Min.
Does Privacy Require True Randomness? Yevgeniy Dodis New York University Joint work with Carl Bosley.
Almost SL=L, and Near-Perfect Derandomization Oded Goldreich The Weizmann Institute Avi Wigderson IAS, Princeton Hebrew University.
Umans Complexity Theory Lecturess Lecture 11: Randomness Extractors.
Pseudorandomness: New Results and Applications Emanuele Viola IAS April 2007.
Complexity Theory and Explicit Constructions of Ramsey Graphs Rahul Santhanam University of Edinburgh.
Randomness and Computation
Coding, Complexity and Sparsity workshop
Pseudorandomness when the odds are against you
Extractors: Optimal Up to Constant Factors
Non-Malleable Extractors New tools and improved constructions
Cryptography Lecture 5.
The Zig-Zag Product and Expansion Close to the Degree
The Weizmann Institute
Pseudorandomness: New Results and Applications
Presentation transcript:

Extractors: applications and constructions Avi Wigderson IAS, Princeton Randomness

Extractors: original motivation Unbiased, independent Probabilistic algorithms Cryptography Game Theory Applications: Analyzed on perfect randomness biased, dependent Reality: Sources of imperfect randomness Stock market fluctuations Sun spots Radioactive decay Extractor Theory

Running probabilistic algorithms with weak random bits Probabilistic algorithm InputOutput Error prob < δ E XT unbiased, independent biased, dependent

Monte-Carlo algorithms with few random bits Setting: Statistical mechanics model (Ising, Potts, Percolation, Spin Glass,….) Task: Estimate parameters (free entropy, partition function, long-range correlations,…) Algorithm: Sample a random state from Gibbs dist. (Glauber dynamics, Metropolis algorithm,…) State Space {0,1} n n sites

Monte-Carlo algorithms with few random bits Resources of the typical Monte-Carlo algorithm - Space: ~ n -Time: t < poly(n) -Randomness: ~ tn bits [Nisan-Zuckerman] Randomness = space! Deterministically expand n  tn bits, with r t ~ uniform ! State Space {0,1} n any r 1 r 2 r i r t ~ uniform

Certifying randomness  What if the device/detectors are faulty? [Colbeck ‘06, Pioroni et al ‘10, Vidick-Vazirani ‘12,…] Amplification & certification of randomness: QM Algorithm QM device k bits 2 k bits With High Probability: If device good: output ~ uniform If device faulty: rejects No signaling Extractor Insnside

Applications of Extractors Using weak random sources in prob algorithms [B84,SV84,V85,VV85,CG85,V87,CW89,Z90-91] Randomness-efficient error reduction of prob algorithms [Sip88, GZ97, MV99,STV99] Derandomization of space-bounded algorithms [NZ93, INW94, RR99, GW02] Distributed Algorithms [WZ95, Zuc97, RZ98, Ind02]. Hardness of Approximation [Zuc93, Uma99, MU01] Cryptography [CDHKS00, MW00, Lu02 Vad03] Data Structures [Ta02] Coding Theory [TZ01,TZS01] Certifying & expanding randomness [Col09,Pir+09,VV12]

Unifying Role of Extractors Extractors are intimately related to: Hash Functions [ILL89,SZ94,GW94] Expander Graphs [WZ93, RVW00, TUZ01, CRVW02] Samplers [G97, Z97] Pseudorandom Generators [Tre99, …] Error-Correcting Codes [TZ01, TZS01, SU01, U02] Ergodic Theory [Lindenstrauss 07] Exponential sums  Unify the theory of pseudorandomness.

Definitions

Weak random sources Distributions X on {0,1} n with “some” entropy: X=(X 1,X 2,…,X n ) [vN] sources: n coins of unknown fixed bias [SV] sources : Pr[X i+1 =1|X 1 =b 1,…,X i =b i ]  ( δ, 1-δ) [LLS] sources : n coins, some “sticky” ….. [Z] k-sources: H ∞ (X) ≥ k  x Pr[X = x]  2 -k e.g X uniform with support ≥ 2 k k – the entropy in the weak source {0,1} n X

Randomness Extractors (1 st attempt) E XT X k -source of length n m (almost) uniform bits Ext : {0,1} n  {0,1} m Impossible even if k=n-1 and m=1 “weak” random source X k can be e.g n/2, √n, log n,… Ext=0 Ext=1 {0,1} n X m ≤ k

Extractors [Nisan & Zuckerman `93] E XT k -source of length n m bits  -close to uniform d random bits (short) “seed” {0,1} n X {0,1} m Ext i (X) i  {0,1} d Want: efficient Ext, small d, , large m

Explicit & Efficient Extractors Non-constructive & optimal [Sip88,NZ93,RT97]: –Seed length d = log n + O(1). –Output length m = k - O(1). [...B86,SV86,CG87, NZ93, WZ93, GW94, SZ94, SSZ95, Zuc96, Ta96, Ta98, Tre99, RRV99a, RRV99b, ISW00, RSW00, RVW00, TUZ01, TZS01, SU01, LRVW03,…] Explicit constructions [GUV07, DW08] - Seed length d = O(log n) - Output length m =.99k

Running probabilistic algorithms with weak random bits k-source of length n m random bits E XT d random bits Probabilistic algorithm Input (upto  L 1 error) Output Error prob < δ ++ Try all possible 2 d = poly(n) seeds. Take majority vote. Efficient! k=2m

Constructions via the Kakeya Problem

Mergers [Ta96] – very special case d random bits seed Mer X Y m ≥. 99k k k k X,Y  F q k q ~ n 100 X or Y is random X,Y correlated! [LRVW] Mer = aX+bY a,b  F q ( d=2log q ) Major problems in analysis and geometry! Wolf: Smallest set in F q k containing a line in every direction? Kakeya: Smallest set in R 2 cont. a needle in every direction? Besikovich: Smallest set in R 2 has area 0! Dvir: Smallest set in F q k has volume > (cq) k. Polynomial method!

Thanks!

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.