Revision #2 Authors: Benny Applebaum, Sergei Artemenko, Ronen Shaltiel, Guang Yang

Accepted on: 19th March 2016 16:23

Downloads: 280

Keywords:

A circuit $C$ \emph{compresses} a function $f:\{0,1\}^n\rightarrow \{0,1\}^m$ if given an input $x\in \{0,1\}^n$ the circuit $C$ can shrink $x$ to a shorter $\ell$-bit string $x'$ such that later, a computationally-unbounded solver $D$ will be able to compute $f(x)$ based on $x'$. In this paper we study the existence of functions which are \emph{incompressible} by circuits of some fixed polynomial size $s=n^c$. Motivated by cryptographic applications, we focus on average-case $(\ell,\eps)$ incompressibility, which guarantees that on a random input $x\in \{0,1\}^n$, for every size $s$ circuit $C:\{0,1\}^n\rightarrow \{0,1\}^{\ell}$ and any unbounded solver $D$, the success probability $\Pr_x[D(C(x))=f(x)]$ is upper-bounded by $2^{-m}+\epsilon$. While this notion of incompressibility appeared in several works (e.g., Dubrov and Ishai, STOC 06), so far no explicit constructions of efficiently computable incompressible functions were known. In this work we present the following results:

\medskip

(1) Assuming that \textbf{E} is hard for exponential size nondeterministic circuits, we give polynomial time computable incompressible functions $f$ for size $n^c$ circuits. We can achieve a \emph{boolean} $f$ with $\ell=(1-o(1)) \cdot n$ and $\epsilon=n^{-c}$. Our technique generalizes to the case of PRGs against nonboolean circuits, improving and simplifying the previous construction of Shaltiel and Artemenko (STOC 14).

\medskip

(2) We show that it is possible to achieve \emph{negligible} error parameter $\epsilon=n^{-\omega(1)}$ for \emph{nonboolean} functions.

Specifically, assuming that \textbf{E} is hard for exponential size $\Sigma_3$-circuits, we construct a nonboolean function $f:\{0,1\}^n\rightarrow \{0,1\}^m$ which is incompressible by size $n^c$ circuits with $\ell=\Omega(n)$ and extremely small $\epsilon=n^{-c} \cdot 2^{-m}$. Our construction combines the techniques of Trevisan and Vadhan (FOCS 00) with a new notion of \emph{relative error} deterministic extractor which may be of independent interest.

\medskip

(3) We show that the task of constructing an incompressible \emph{boolean} function $f:\{0,1\}^n\rightarrow \{0,1\}^m$ with \emph{negligible} error parameter $\epsilon$ cannot be achieved by ``existing proof techniques''. Namely, \emph{nondeterministic reductions} (or even $\Sigma_i$ reductions) cannot get $\eps=n^{-\omega(1)}$ for \emph{boolean} incompressible functions. Our results also apply to constructions of standard Nisan-Wigderson type PRGs and (standard) boolean functions that are hard on average, explaining, in retrospective, the limitations of existing constructions. Our impossibility result builds on an approach of Shaltiel and Viola (STOC 08).

Revision #1 Authors: Benny Applebaum, Sergei Artemenko, Ronen Shaltiel, Guang Yang

Accepted on: 6th April 2015 15:13

Downloads: 446

Keywords:

A circuit $C$ \emph{compresses} a function $f:\{0,1\}^n\rightarrow \{0,1\}^m$ if given an input $x\in \{0,1\}^n$ the circuit $C$ can shrink $x$ to a shorter $\ell$-bit string $x'$ such that later, a computationally-unbounded solver $D$ will be able to compute $f(x)$ based on $x'$. In this paper we study the existence of functions which are \emph{incompressible} by circuits of some fixed polynomial size $s=n^c$. Motivated by cryptographic applications, we focus on average-case $(\ell,\eps)$ incompressibility, which guarantees that on a random input $x\in \{0,1\}^n$, for every size $s$ circuit $C:\{0,1\}^n\rightarrow \{0,1\}^{\ell}$ and any unbounded solver $D$, the success probability $\Pr_x[D(C(x))=f(x)]$ is upper-bounded by $2^{-m}+\epsilon$. While this notion of incompressibility appeared in several works (e.g., Dubrov and Ishai, STOC 06), so far no explicit constructions of efficiently computable incompressible functions were known. In this work we present the following results:

\medskip

(1) Assuming that \textbf{E} is hard for exponential size nondeterministic circuits, we give polynomial time computable incompressible functions $f$ for size $n^c$ circuits. We can achieve a \emph{boolean} $f$ with $\ell=(1-o(1)) \cdot n$ and $\epsilon=n^{-c}$. Our technique generalizes to the case of PRGs against nonboolean circuits, improving and simplifying the previous construction of Shaltiel and Artemenko (STOC 14).

\medskip

(2) We show that it is possible to achieve \emph{negligible} error parameter $\epsilon=n^{-\omega(1)}$ for \emph{nonboolean} functions.

Specifically, assuming that \textbf{E} is hard for exponential size $\Sigma_3$-circuits, we construct a nonboolean function $f:\{0,1\}^n\rightarrow \{0,1\}^m$ which is incompressible by size $n^c$ circuits with $\ell=\Omega(n)$ and extremely small $\epsilon=n^{-c} \cdot 2^{-m}$. Our construction combines the techniques of Trevisan and Vadhan (FOCS 00) with a new notion of \emph{relative error} deterministic extractor which may be of independent interest.

\medskip

(3) We show that the task of constructing an incompressible \emph{boolean} function $f:\{0,1\}^n\rightarrow \{0,1\}$ with \emph{negligible} error parameter $\epsilon$ cannot be achieved by ``existing proof techniques''. Namely, \emph{nondeterministic reductions} (or even $\Sigma_i$ reductions) cannot get $\eps=n^{-\omega(1)}$ for \emph{boolean} incompressible functions. Our results also apply to constructions of standard Nisan-Wigderson type PRGs and (standard) boolean functions that are hard on average, explaining, in retrospective, the limitations of existing constructions. Our impossibility result builds on an approach of Shaltiel and Viola (STOC 08).

TR15-051 Authors: Benny Applebaum, Sergei Artemenko, Ronen Shaltiel, Guang Yang

Publication: 5th April 2015 13:27

Downloads: 786

Keywords:

A circuit $C$ \emph{compresses} a function $f:\{0,1\}^n\rightarrow \{0,1\}^m$ if given an input $x\in \{0,1\}^n$ the circuit $C$ can shrink $x$ to a shorter $\ell$-bit string $x'$ such that later, a computationally-unbounded solver $D$ will be able to compute $f(x)$ based on $x'$. In this paper we study the existence of functions which are \emph{incompressible} by circuits of some fixed polynomial size $s=n^c$. Motivated by cryptographic applications, we focus on average-case $(\ell,\eps)$ incompressibility, which guarantees that on a random input $x\in \{0,1\}^n$, for every size $s$ circuit $C:\{0,1\}^n\rightarrow \{0,1\}^{\ell}$ and any unbounded solver $D$, the success probability $\Pr_x[D(C(x))=f(x)]$ is upper-bounded by $2^{-m}+\epsilon$. While this notion of incompressibility appeared in several works (e.g., Dubrov and Ishai, STOC 06), so far no explicit constructions of efficiently computable incompressible functions were known. In this work we present the following results:

\medskip

(1) Assuming that \textbf{E} is hard for exponential size nondeterministic circuits, we give polynomial time computable incompressible functions $f$ for size $n^c$ circuits. We can achieve a \emph{boolean} $f$ with $\ell=(1-o(1)) \cdot n$ and $\epsilon=n^{-c}$. Our technique generalizes to the case of PRGs against nonboolean circuits, improving and simplifying the previous construction of Shaltiel and Artemenko (STOC 14).

\medskip

(2) We show that it is possible to achieve \emph{negligible} error parameter $\epsilon=n^{-\omega(1)}$ for \emph{nonboolean} functions.

Specifically, assuming that \textbf{E} is hard for exponential size $\Sigma_3$-circuits, we construct a nonboolean function $f:\{0,1\}^n\rightarrow \{0,1\}^m$ which is incompressible by size $n^c$ circuits with $\ell=\Omega(n)$ and extremely small $\epsilon=n^{-c} \cdot 2^{-m}$. Our construction combines the techniques of Trevisan and Vadhan (FOCS 00) with a new notion of \emph{relative error} deterministic extractor which may be of independent interest.

\medskip

(3) We show that the task of constructing an incompressible \emph{boolean} function $f:\{0,1\}^n\rightarrow \{0,1\}^m$ with \emph{negligible} error parameter $\epsilon$ cannot be achieved by ``existing proof techniques''. Namely, \emph{nondeterministic reductions} (or even $\Sigma_i$ reductions) cannot get $\eps=n^{-\omega(1)}$ for \emph{boolean} incompressible functions. Our results also apply to constructions of standard Nisan-Wigderson type PRGs and (standard) boolean functions that are hard on average, explaining, in retrospective, the limitations of existing constructions. Our impossibility result builds on an approach of Shaltiel and Viola (STOC 08).