A Tight Lower Bound for Entropy Flattening

Authors Yi-Hsiu Chen, Mika Göös, Salil P. Vadhan, Jiapeng Zhang



PDF
Thumbnail PDF

File

LIPIcs.CCC.2018.23.pdf
  • Filesize: 0.64 MB
  • 28 pages

Document Identifiers

Author Details

Yi-Hsiu Chen
  • School of Engineering and Applied Sciences, Harvard University, USA
Mika Göös
  • School of Engineering and Applied Sciences, Harvard University, USA
Salil P. Vadhan
  • Computer Science and Applied Mathematics, Harvard University, USA
Jiapeng Zhang
  • University of California San Diego, USA

Cite As Get BibTex

Yi-Hsiu Chen, Mika Göös, Salil P. Vadhan, and Jiapeng Zhang. A Tight Lower Bound for Entropy Flattening. In 33rd Computational Complexity Conference (CCC 2018). Leibniz International Proceedings in Informatics (LIPIcs), Volume 102, pp. 23:1-23:28, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2018) https://doi.org/10.4230/LIPIcs.CCC.2018.23

Abstract

We study entropy flattening: Given a circuit C_X implicitly describing an n-bit source X (namely, X is the output of C_X on a uniform random input), construct another circuit C_Y describing a source Y such that (1) source Y is nearly flat (uniform on its support), and (2) the Shannon entropy of Y is monotonically related to that of X. The standard solution is to have C_Y evaluate C_X altogether Theta(n^2) times on independent inputs and concatenate the results (correctness follows from the asymptotic equipartition property). In this paper, we show that this is optimal among black-box constructions: Any circuit C_Y for entropy flattening that repeatedly queries C_X as an oracle requires Omega(n^2) queries.
Entropy flattening is a component used in the constructions of pseudorandom generators and other cryptographic primitives from one-way functions [Johan Håstad et al., 1999; John Rompel, 1990; Thomas Holenstein, 2006; Iftach Haitner et al., 2006; Iftach Haitner et al., 2009; Iftach Haitner et al., 2013; Iftach Haitner et al., 2010; Salil P. Vadhan and Colin Jia Zheng, 2012]. It is also used in reductions between problems complete for statistical zero-knowledge [Tatsuaki Okamoto, 2000; Amit Sahai and Salil P. Vadhan, 1997; Oded Goldreich et al., 1999; Vadhan, 1999]. The Theta(n^2) query complexity is often the main efficiency bottleneck. Our lower bound can be viewed as a step towards proving that the current best construction of pseudorandom generator from arbitrary one-way functions by Vadhan and Zheng (STOC 2012) has optimal efficiency.

Subject Classification

ACM Subject Classification
  • Theory of computation → Computational complexity and cryptography
Keywords
  • Entropy
  • One-way function

Metrics

  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    0
    PDF Downloads

References

  1. Yevgeniy Dodis, Rafail Ostrovsky, Leonid Reyzin, and Adam D. Smith. Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. SIAM J. Comput., 38(1):97-139, 2008. URL: http://dx.doi.org/10.1137/060651380.
  2. Rosario Gennaro, Yael Gertner, Jonathan Katz, and Luca Trevisan. Bounds on the efficiency of generic cryptographic constructions. SIAM J. Comput., 35(1):217-246, 2005. URL: http://dx.doi.org/10.1137/S0097539704443276.
  3. Oded Goldreich and Leonid A. Levin. A hard-core predicate for all one-way functions. In David S. Johnson, editor, Proceedings of the 21st Annual ACM Symposium on Theory of Computing, May 14-17, 1989, Seattle, Washigton, USA, pages 25-32. ACM, 1989. URL: http://dx.doi.org/10.1145/73007.73010.
  4. Oded Goldreich, Amit Sahai, and Salil P. Vadhan. Can statistical zero knowledge be made non-interactive? or on the relationship of SZK and NISZK. In Michael J. Wiener, editor, Advances in Cryptology - CRYPTO '99, 19th Annual International Cryptology Conference, Santa Barbara, California, USA, August 15-19, 1999, Proceedings, volume 1666 of Lecture Notes in Computer Science, pages 467-484. Springer, 1999. URL: http://dx.doi.org/10.1007/3-540-48405-1_30.
  5. Oded Goldreich, Amit Sahai, and Salil P. Vadhan. Can statistical zero knowledge be made non-interactive? or on the relationship of SZK and NISZK. Electronic Colloquium on Computational Complexity (ECCC), 6(13), 1999. URL: http://eccc.hpi-web.de/eccc-reports/1999/TR99-013/index.html.
  6. Iftach Haitner, Danny Harnik, and Omer Reingold. Efficient pseudorandom generators from exponentially hard one-way functions. In Michele Bugliesi, Bart Preneel, Vladimiro Sassone, and Ingo Wegener, editors, Automata, Languages and Programming, 33rd International Colloquium, ICALP 2006, Venice, Italy, July 10-14, 2006, Proceedings, Part II, volume 4052 of Lecture Notes in Computer Science, pages 228-239. Springer, 2006. URL: http://dx.doi.org/10.1007/11787006_20.
  7. Iftach Haitner, Thomas Holenstein, Omer Reingold, Salil P. Vadhan, and Hoeteck Wee. Universal one-way hash functions via inaccessible entropy. In Henri Gilbert, editor, Advances in Cryptology - EUROCRYPT 2010, 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, French Riviera, May 30 - June 3, 2010. Proceedings, volume 6110 of Lecture Notes in Computer Science, pages 616-637. Springer, 2010. URL: http://dx.doi.org/10.1007/978-3-642-13190-5_31.
  8. Iftach Haitner, Minh-Huyen Nguyen, Shien Jin Ong, Omer Reingold, and Salil P. Vadhan. Statistically hiding commitments and statistical zero-knowledge arguments from any one-way function. SIAM J. Comput., 39(3):1153-1218, 2009. URL: http://dx.doi.org/10.1137/080725404.
  9. Iftach Haitner, Omer Reingold, and Salil P. Vadhan. Efficiency improvements in constructing pseudorandom generators from one-way functions. In Leonard J. Schulman, editor, Proceedings of the 42nd ACM Symposium on Theory of Computing, STOC 2010, Cambridge, Massachusetts, USA, 5-8 June 2010, pages 437-446. ACM, 2010. URL: http://dx.doi.org/10.1145/1806689.1806750.
  10. Iftach Haitner, Omer Reingold, and Salil P. Vadhan. Efficiency improvements in constructing pseudorandom generators from one-way functions. SIAM J. Comput., 42(3):1405-1430, 2013. URL: http://dx.doi.org/10.1137/100814421.
  11. Iftach Haitner, Omer Reingold, Salil P. Vadhan, and Hoeteck Wee. Inaccessible entropy. In Michael Mitzenmacher, editor, Proceedings of the 41st Annual ACM Symposium on Theory of Computing, STOC 2009, Bethesda, MD, USA, May 31 - June 2, 2009, pages 611-620. ACM, 2009. URL: http://dx.doi.org/10.1145/1536414.1536497.
  12. Johan Håstad, Russell Impagliazzo, Leonid A. Levin, and Michael Luby. A pseudorandom generator from any one-way function. SIAM J. Comput., 28(4):1364-1396, 1999. URL: http://dx.doi.org/10.1137/S0097539793244708.
  13. Thomas Holenstein. Pseudorandom generators from one-way functions: A simple construction for any hardness. In Shai Halevi and Tal Rabin, editors, Theory of Cryptography, Third Theory of Cryptography Conference, TCC 2006, New York, NY, USA, March 4-7, 2006, Proceedings, volume 3876 of Lecture Notes in Computer Science, pages 443-461. Springer, 2006. URL: http://dx.doi.org/10.1007/11681878_23.
  14. Thomas Holenstein and Renato Renner. On the randomness of independent experiments. IEEE Trans. Information Theory, 57(4):1865-1871, 2011. URL: http://dx.doi.org/10.1109/TIT.2011.2110230.
  15. Thomas Holenstein and Makrand Sinha. Constructing a pseudorandom generator requires an almost linear number of calls. In Foundations of Computer Science (FOCS), 2012 IEEE 53rd Annual Symposium on, pages 698-707. IEEE, 2012. Google Scholar
  16. Jonathan Katz and Chiu-Yuen Koo. On constructing universal one-way hash functions from arbitrary one-way functions. IACR Cryptology ePrint Archive, 2005:328, 2005. URL: http://eprint.iacr.org/2005/328.
  17. Shachar Lovett and Jiapeng Zhang. On the impossibility of entropy reversal, and its application to zero-knowledge proofs. In Theory of Cryptography Conference, pages 31-55. Springer, 2017. Google Scholar
  18. Minh-Huyen Nguyen and Salil P. Vadhan. Zero knowledge with efficient provers. In Jon M. Kleinberg, editor, Proceedings of the 38th Annual ACM Symposium on Theory of Computing, Seattle, WA, USA, May 21-23, 2006, pages 287-295. ACM, 2006. URL: http://dx.doi.org/10.1145/1132516.1132559.
  19. Tatsuaki Okamoto. On relationships between statistical zero-knowledge proofs. J. Comput. Syst. Sci., 60(1):47-108, 2000. URL: http://dx.doi.org/10.1006/jcss.1999.1664.
  20. Shien Jin Ong and Salil P. Vadhan. An equivalence between zero knowledge and commitments. In Ran Canetti, editor, Theory of Cryptography, Fifth Theory of Cryptography Conference, TCC 2008, New York, USA, March 19-21, 2008., volume 4948 of Lecture Notes in Computer Science, pages 482-500. Springer, 2008. URL: http://dx.doi.org/10.1007/978-3-540-78524-8_27.
  21. Renato Renner and Stefan Wolf. Smooth rényi entropy and applications. In Information Theory, 2004. ISIT 2004. Proceedings. International Symposium on, page 233. IEEE, 2004. Google Scholar
  22. John Rompel. One-way functions are necessary and sufficient for secure signatures. In Harriet Ortiz, editor, Proceedings of the 22nd Annual ACM Symposium on Theory of Computing, May 13-17, 1990, Baltimore, Maryland, USA, pages 387-394. ACM, 1990. URL: http://dx.doi.org/10.1145/100216.100269.
  23. Amit Sahai and Salil P. Vadhan. A complete promise problem for statistical zero-knowledge. In 38th Annual Symposium on Foundations of Computer Science, FOCS '97, Miami Beach, Florida, USA, October 19-22, 1997, pages 448-457. IEEE Computer Society, 1997. URL: http://dx.doi.org/10.1109/SFCS.1997.646133.
  24. Salil P. Vadhan and Colin Jia Zheng. Characterizing pseudoentropy and simplifying pseudorandom generator constructions. In Howard J. Karloff and Toniann Pitassi, editors, Proceedings of the 44th Symposium on Theory of Computing Conference, STOC 2012, New York, NY, USA, May 19 - 22, 2012, pages 817-836. ACM, 2012. URL: http://dx.doi.org/10.1145/2213977.2214051.
  25. Salil Pravin Vadhan. A study of statistical zero-knowledge proofs. PhD thesis, Citeseer, 1999. Google Scholar
Questions / Remarks / Feedback
X

Feedback for Dagstuhl Publishing


Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail