How to get more mileage from randomness extractors

Ronen Shaltiel
2008 Random structures & algorithms (Print)  
Let C be a class of distributions over {0, 1} n . A deterministic randomness extractor for C is a function E : {0, 1} n → {0, 1} m such that for any X in C the distribution E(X) is statistically close to the uniform distribution. A long line of research deals with explicit constructions of such extractors for various classes C while trying to maximize m. In this paper we give a general transformation that transforms a deterministic extractor E that extracts "few" bits into an extractor E that
more » ... tracts "almost all the bits present in the source distribution". More precisely, we prove a general theorem saying that if E and C satisfy certain properties, then we can transform E into an extractor E . Our methods build on (and generalize) a technique of Gabizon, Raz and Shaltiel (FOCS 2004) that present such a transformation for the very restricted class C of "oblivious bit-fixing sources". The high level idea is to find properties of E and C which allow "recycling" the output of E so that it can be "reused" to operate on the source distribution. An obvious obstacle is that the output of E is correlated with the source distribution. Using our transformation we give an explicit construction of a two-source extractor E : {0, 1} n × {0, 1} n → {0, 1} m such that for every two independent distributions X 1 and X 2 over {0, 1} n with min-entropy at least k = (1/2 + δ)n and ≤ 2 − log 4 n , E(X 1 , X 2 ) is -close to the uniform distribution on m = 2k − C δ log(1/ ) bits. This result is optimal except for the precise constant C δ and improves previous results by Chor and Goldreich (SICOMP 1988), Vazirani (Combinatorica 1987) and Dodis et al. (RANDOM 2004). We also give explicit constructions of extractors for samplable distributions that extract many bits even out of "low-entropy" samplable distributions. These constructions rely on a average case hardness assumptions and extend some previous results by Trevisan and Vadhan (FOCS 2000) that give such extractors only for distributions with "high entropy". * A preliminary version of this paper appeared in 21st IEEE Conference on Computational Complexity. † This research was supported by BSF grant 2004329. 1 Two distributions P and Q over {0, 1} m are -close (denoted by P ∼ Q) if for every event A ⊆ {0, 1} m , |P (A) − Q(A)| ≤ .
doi:10.1002/rsa.20207 fatcat:ekydvlvjzfbuthkgi6kzvoqe6a