Document Open Access Logo

Is Untrusted Randomness Helpful?

Authors Uma Girish, Ran Raz, Wei Zhan

Thumbnail PDF


  • Filesize: 0.68 MB
  • 18 pages

Document Identifiers

Author Details

Uma Girish
  • Princeton University, NJ, USA
Ran Raz
  • Princeton University, NJ, USA
Wei Zhan
  • Princeton University, NJ, USA

Cite AsGet BibTex

Uma Girish, Ran Raz, and Wei Zhan. Is Untrusted Randomness Helpful?. In 14th Innovations in Theoretical Computer Science Conference (ITCS 2023). Leibniz International Proceedings in Informatics (LIPIcs), Volume 251, pp. 56:1-56:18, Schloss Dagstuhl - Leibniz-Zentrum für Informatik (2023)


Randomized algorithms and protocols assume the availability of a perfect source of randomness. In real life, however, perfect randomness is rare and is almost never guaranteed. The gap between these two facts motivated much of the work on randomness and derandomization in theoretical computer science. In this work, we define a new type of randomized algorithms (and protocols), that we call robustly-randomized algorithms (protocols). Such algorithms have access to two separate (read-once) random strings. The first string is trusted to be perfectly random, but its length is bounded by some parameter k = k(n) (where n is the length of the input). We think of k as relatively small, say sub-linear or poly-logarithmic in n. The second string is of unbounded length and is assumed to be random, but its randomness is not trusted. The output of the algorithm is either an output in the set of possible outputs of the problem, or a special symbol, interpreted as do not know and denoted by ⊥. On every input for the algorithm, the output of the algorithm must satisfy the following two requirements: 1) If the second random string is perfectly random then the algorithm must output the correct answer with high probability. 2) If the second random string is an arbitrary string, even adversarially chosen after seeing the input, the algorithm must output with high probability either the correct answer or the special symbol ⊥. We discuss relations of this new definition to several previously studied notions in randomness and derandomization. For example, when considering polynomial-time algorithms, if k is logarithmic we get the complexity class ZPP, while if k is unbounded we get the complexity class BPP, and for a general k, the algorithm can be viewed as an interactive proof with a probabilistic polynomial-time prover and a probabilistic polynomial-time verifier, where the prover is allowed an unlimited number of random bits and the verifier is limited to at most k random bits. Every previously-studied class of randomized algorithms or protocols, and more generally, every previous use of randomness in theoretical computer science, can be revisited and redefined in light of our new definition, by replacing each random string with a pair of random strings, the first is trusted to be perfectly random but is relatively short and the second is of unlimited length but its randomness is not trusted. The main question that we ask is: In which settings and for which problems is the untrusted random string helpful? Our main technical observation is that every problem in the class BPL (of problems solvable by bounded-error randomized logspace algorithms) can be solved by a robustly-randomized logspace algorithm with k = O(log n), that is with just a logarithmic number of trusted random bits. We also give query complexity separations that show cases where the untrusted random string is provenly helpful. Specifically, we show that there are promise problems that can be solved by robustly-randomized protocols with only one query and just a logarithmic number of trusted random bits, whereas any randomized protocol requires either a linear number of random bits or an exponential number of queries, and any zero-error randomized protocol requires a polynomial number of queries.

Subject Classification

ACM Subject Classification
  • Theory of computation → Complexity classes
  • Theory of computation → Interactive proof systems
  • Theory of computation → Pseudorandomness and derandomization
  • Untrusted
  • Randomness
  • Verifiable
  • ZPL
  • BPL
  • ZPP
  • BPP


  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    PDF Downloads


  1. Scott Aaronson. Certified Randomness from Quantum Supremacy. Talk at CRYPTO 2018. URL:
  2. Noga Alon, Yossi Matias, and Mario Szegedy. The space complexity of approximating the frequency moments. Journal of Computer and System Sciences, 58:137-147, 1999. Google Scholar
  3. Roozbeh Bassirian, Adam Bouland, Bill Fefferman, Sam Gunn, and Avishay Tal. On Certified Randomness from Quantum Advantage Experiments. arXiv, 2021. URL:
  4. Manuel Blum and Silvio Micali. How to generate cryptographically strong sequences of pseudorandom bits. SIAM Journal on Computing, 13(4):850, 1984. Google Scholar
  5. Zvika Brakerski, Paul Christiano, Urmila Mahadev, Umesh Vazirani, and Thomas Vidick. A Cryptographic Test of Quantumness and Certifiable Randomness from a Single Quantum Device. Journal of the ACM, 68(5), August 2021. Google Scholar
  6. Anat Ganor and Ran Raz. Space Pseudorandom Generators by Communication Complexity Lower Bounds. In Approximation, Randomization, and Combinatorial Optimization. Algorithms and Techniques, APPROX/RANDOM, 2014. Google Scholar
  7. William M. Hoza. Better Pseudodistributions and Derandomization for Space-Bounded Computation. In Approximation, Randomization, and Combinatorial Optimization. Algorithms and Techniques, APPROX/RANDOM, 2021. Google Scholar
  8. Russell Impagliazzo, Noam Nisan, and Avi Wigderson. Pseudorandomness for Network Algorithms. In Proceedings of the 26th annual ACM symposium on Theory of computing, STOC, pages 356-364, 1994. Google Scholar
  9. Russell Impagliazzo and Avi Wigderson. 𝖯 = BPP If 𝖤 Requires Exponential Circuits: Derandomizing the XOR Lemma. In Proceedings of the 29th annual ACM symposium on Theory of computing, STOC, pages 220-229, 1997. Google Scholar
  10. Carl A. Miller and Yaoyun Shi. Robust Protocols for Securely Expanding Randomness and Distributing Keys Using Untrusted Quantum Devices. Journal of the ACM, 63(4), October 2016. Google Scholar
  11. Noam Nisan. Pseudorandom generators for space-bounded computation. Combinatorica, 12(4):449-461, 1992. Google Scholar
  12. Noam Nisan and Avi Wigderson. Hardness vs randomness. Journal of Computer and System Sciences, 49(2):149-167, 1994. Google Scholar
  13. Noam Nisan and David Zuckerman. Randomness is Linear in Space. Journal of Computer and System Sciences, 52(1):43-52, February 1996. Google Scholar
  14. S Pironio, A Acín, S Massar, A Boyer de la Giroday, DN Matsukevich, P Maunz, S Olmschenk, D Hayes, L Luo, TA Manning, and C Monroe. Random numbers certified by Bell’s theorem. Nature, 464(7291):1021-1024, April 2010. Google Scholar
  15. Michael Saks and Shiyu Zhou. BP_HSPACE(S) in DSPACE(S^3/2). Journal of Computer and System Sciences, 58(2):376-403, 1999. Google Scholar
  16. Adi Shamir. On the Generation of Cryptographically Strong Pseudorandom Sequences. ACM Transactions on Computer Systems, 1(1):38-44, February 1983. Google Scholar
  17. Salil P. Vadhan. Pseudorandomness. Foundations and Trends in Theoretical Computer Science, 7(1-3):1-336, 2012. Google Scholar
  18. Umesh Vazirani and Thomas Vidick. Certifiable Quantum Dice: Or, True Random Number Generation Secure against Quantum Adversaries. In Proceedings of the 44th annual ACM symposium on Theory of computing, STOC, pages 61-76, 2012. Google Scholar
  19. Andrew C. Yao. Theory and Application of Trapdoor Functions. In Proceedings of the 23rd Annual Symposium on Foundations of Computer Science, SFCS, pages 80-91, 1982. Google Scholar
Questions / Remarks / Feedback

Feedback for Dagstuhl Publishing

Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail