Document

## File

LIPIcs.ITCS.2023.56.pdf
• Filesize: 0.68 MB
• 18 pages

## Cite As

Uma Girish, Ran Raz, and Wei Zhan. Is Untrusted Randomness Helpful?. In 14th Innovations in Theoretical Computer Science Conference (ITCS 2023). Leibniz International Proceedings in Informatics (LIPIcs), Volume 251, pp. 56:1-56:18, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2023)
https://doi.org/10.4230/LIPIcs.ITCS.2023.56

## Abstract

Randomized algorithms and protocols assume the availability of a perfect source of randomness. In real life, however, perfect randomness is rare and is almost never guaranteed. The gap between these two facts motivated much of the work on randomness and derandomization in theoretical computer science. In this work, we define a new type of randomized algorithms (and protocols), that we call robustly-randomized algorithms (protocols). Such algorithms have access to two separate (read-once) random strings. The first string is trusted to be perfectly random, but its length is bounded by some parameter k = k(n) (where n is the length of the input). We think of k as relatively small, say sub-linear or poly-logarithmic in n. The second string is of unbounded length and is assumed to be random, but its randomness is not trusted. The output of the algorithm is either an output in the set of possible outputs of the problem, or a special symbol, interpreted as do not know and denoted by ⊥. On every input for the algorithm, the output of the algorithm must satisfy the following two requirements: 1) If the second random string is perfectly random then the algorithm must output the correct answer with high probability. 2) If the second random string is an arbitrary string, even adversarially chosen after seeing the input, the algorithm must output with high probability either the correct answer or the special symbol ⊥. We discuss relations of this new definition to several previously studied notions in randomness and derandomization. For example, when considering polynomial-time algorithms, if k is logarithmic we get the complexity class ZPP, while if k is unbounded we get the complexity class BPP, and for a general k, the algorithm can be viewed as an interactive proof with a probabilistic polynomial-time prover and a probabilistic polynomial-time verifier, where the prover is allowed an unlimited number of random bits and the verifier is limited to at most k random bits. Every previously-studied class of randomized algorithms or protocols, and more generally, every previous use of randomness in theoretical computer science, can be revisited and redefined in light of our new definition, by replacing each random string with a pair of random strings, the first is trusted to be perfectly random but is relatively short and the second is of unlimited length but its randomness is not trusted. The main question that we ask is: In which settings and for which problems is the untrusted random string helpful? Our main technical observation is that every problem in the class BPL (of problems solvable by bounded-error randomized logspace algorithms) can be solved by a robustly-randomized logspace algorithm with k = O(log n), that is with just a logarithmic number of trusted random bits. We also give query complexity separations that show cases where the untrusted random string is provenly helpful. Specifically, we show that there are promise problems that can be solved by robustly-randomized protocols with only one query and just a logarithmic number of trusted random bits, whereas any randomized protocol requires either a linear number of random bits or an exponential number of queries, and any zero-error randomized protocol requires a polynomial number of queries.

## Subject Classification

##### ACM Subject Classification
• Theory of computation → Complexity classes
• Theory of computation → Interactive proof systems
• Theory of computation → Pseudorandomness and derandomization
• Untrusted
• Randomness
• Verifiable
• ZPL
• BPL
• ZPP
• BPP

## Metrics

• Access Statistics
• Total Accesses (updated on a weekly basis)
0

## References

1. Scott Aaronson. Certified Randomness from Quantum Supremacy. Talk at CRYPTO 2018. URL: https://pirsa.org/18070057.
2. Noga Alon, Yossi Matias, and Mario Szegedy. The space complexity of approximating the frequency moments. Journal of Computer and System Sciences, 58:137-147, 1999.
3. Roozbeh Bassirian, Adam Bouland, Bill Fefferman, Sam Gunn, and Avishay Tal. On Certified Randomness from Quantum Advantage Experiments. arXiv, 2021. URL: http://arxiv.org/abs/2111.14846.
4. Manuel Blum and Silvio Micali. How to generate cryptographically strong sequences of pseudorandom bits. SIAM Journal on Computing, 13(4):850, 1984.
5. Zvika Brakerski, Paul Christiano, Urmila Mahadev, Umesh Vazirani, and Thomas Vidick. A Cryptographic Test of Quantumness and Certifiable Randomness from a Single Quantum Device. Journal of the ACM, 68(5), August 2021.
6. Anat Ganor and Ran Raz. Space Pseudorandom Generators by Communication Complexity Lower Bounds. In Approximation, Randomization, and Combinatorial Optimization. Algorithms and Techniques, APPROX/RANDOM, 2014.
7. William M. Hoza. Better Pseudodistributions and Derandomization for Space-Bounded Computation. In Approximation, Randomization, and Combinatorial Optimization. Algorithms and Techniques, APPROX/RANDOM, 2021.
8. Russell Impagliazzo, Noam Nisan, and Avi Wigderson. Pseudorandomness for Network Algorithms. In Proceedings of the 26th annual ACM symposium on Theory of computing, STOC, pages 356-364, 1994.
9. Russell Impagliazzo and Avi Wigderson. 𝖯 = BPP If 𝖤 Requires Exponential Circuits: Derandomizing the XOR Lemma. In Proceedings of the 29th annual ACM symposium on Theory of computing, STOC, pages 220-229, 1997.
10. Carl A. Miller and Yaoyun Shi. Robust Protocols for Securely Expanding Randomness and Distributing Keys Using Untrusted Quantum Devices. Journal of the ACM, 63(4), October 2016.
11. Noam Nisan. Pseudorandom generators for space-bounded computation. Combinatorica, 12(4):449-461, 1992.
12. Noam Nisan and Avi Wigderson. Hardness vs randomness. Journal of Computer and System Sciences, 49(2):149-167, 1994.
13. Noam Nisan and David Zuckerman. Randomness is Linear in Space. Journal of Computer and System Sciences, 52(1):43-52, February 1996.
14. S Pironio, A Acín, S Massar, A Boyer de la Giroday, DN Matsukevich, P Maunz, S Olmschenk, D Hayes, L Luo, TA Manning, and C Monroe. Random numbers certified by Bell’s theorem. Nature, 464(7291):1021-1024, April 2010.
15. Michael Saks and Shiyu Zhou. BP_HSPACE(S) in DSPACE(S^3/2). Journal of Computer and System Sciences, 58(2):376-403, 1999.
16. Adi Shamir. On the Generation of Cryptographically Strong Pseudorandom Sequences. ACM Transactions on Computer Systems, 1(1):38-44, February 1983.
17. Salil P. Vadhan. Pseudorandomness. Foundations and Trends in Theoretical Computer Science, 7(1-3):1-336, 2012.
18. Umesh Vazirani and Thomas Vidick. Certifiable Quantum Dice: Or, True Random Number Generation Secure against Quantum Adversaries. In Proceedings of the 44th annual ACM symposium on Theory of computing, STOC, pages 61-76, 2012.
19. Andrew C. Yao. Theory and Application of Trapdoor Functions. In Proceedings of the 23rd Annual Symposium on Foundations of Computer Science, SFCS, pages 80-91, 1982.
X

Feedback for Dagstuhl Publishing