# How to recycle random bits

@article{Impagliazzo1989HowTR, title={How to recycle random bits}, author={Russell Impagliazzo and David Zuckerman}, journal={30th Annual Symposium on Foundations of Computer Science}, year={1989}, pages={248-253} }

It is shown that modified versions of the linear congruential generator and the shift register generator are provably good for amplifying the correctness of a probabilistic algorithm. More precisely, if r random bits are needed for a BPP algorithm to be correct with probability at least 2/3, then O(r+k/sup 2/) bits are needed to improve this probability to 1-2/sup -k/. A different pseudorandom generator that is optimal, up to a constant factor, in this regard is also presented. It uses only O(r…

## 395 Citations

### Deterministic extractors for bit-fixing sources and exposure-resilient cryptography

- Mathematics, Computer Science44th Annual IEEE Symposium on Foundations of Computer Science, 2003. Proceedings.
- 2003

An efficient deterministic algorithm which extracts almost-random bits from sources where n/sup 1/2 + /spl gamma// of the n bits are uniformly random and the rest are fixed in advance is given.

### Impossibility results for recycling random bits in two-prover proof systems

- Computer ScienceSTOC '95
- 1995

The great success enjoyed by general techniques for recycling random bits in other contexts meets its limits when MIP(2, 1) proof systems are concerned, and parallel repetition using pseudo- random bits cannot reduce the error below a constant, regardless of the nature of the pseudo-random source.

### How to Privatize Random Bits

- Computer Science, Mathematics
- 1996

The existence of strong randomized hard functions and pseudo-random generators are shown and it is shown that relative to a random oracle P/poly is not measurable in $EXP$ in the resource-bounded theoretical sense and a very strong separation between sublinear time and $AC^0$ is obtained.

### Randomness-optimal oblivious sampling

- Computer Science, MathematicsRandom Struct. Algorithms
- 1997

This work presents the first efficient oblivious sampler that uses an optimal number of random bits, up to an arbitrary constant factor bigger than 1, and gives applications to constructive leader election and reducing randomness in interactive proofs.

### Randomness-optimal sampling, extractors, and constructive leader election

- Computer ScienceSTOC '96
- 1996

A constructive O(log n) round protocol for leader election in the full information model that is resilient against any coalition of size /3n for any constant ~ < 1/2 and gives two applications of these tools.

### On the Power of the Randomized Iterate

- Computer Science, MathematicsSIAM J. Comput.
- 2005

This paper revisits a technique that was used in to give a construction of pseudorandom generators from regular one-way functions and uses the randomized iterate to replace the basic building block of the [HILL99] construction.

### Recycling random bits in parallel

- Computer Science, MathematicsProceedings of the Twenty-Eighth Annual Hawaii International Conference on System Sciences
- 1995

Shows that r pseudo-random bits can be obtained by concatenating t blocks of r/t pseudo-random bits, where the blocks are generated in parallel. This can be considered as a parallel version of R.…

### Deterministic amplification of space-bounded probabilistic algorithms

- Computer ScienceProceedings. Fourteenth Annual IEEE Conference on Computational Complexity (Formerly: Structure in Complexity Theory Conference) (Cat.No.99CB36317)
- 1999

It is proved that any black-box amplification method that uses O(r) random bits and makes at most p parallel simulations reduces the error to at most /spl epsiv//sup O(p)/.

### A pseudorandom generator construction based on randomness extractors and combinatorial designs

- Computer Science, Mathematics
- 2006

This work studies the construction of pseudorandom generators, and uses an observation of Sudan et al. to recast the Impagliazzo-Wigderson construction in terms of weak sources of randomness; such a source is a distribution on binary strings that is "random" in the sense of having high "entropy".

### Randomness-Efficient Sampling within NC1

- Computer Science, Mathematicscomputational complexity
- 2007

A randomness-efficient averaging sampler that is computable by uniform constant-depth circuits with parity gates is constructed, allowing us to apply a variety expander-based techniques within NC1.

## References

SHOWING 1-10 OF 25 REFERENCES

### How to generate cryptographically strong sequences of pseudo random bits

- Computer Science, Mathematics23rd Annual Symposium on Foundations of Computer Science (sfcs 1982)
- 1982

A more operative definition of Randomness should be pursued in the light of modern Complexity Theory.

### Realistic analysis of some randomized algorithms

- Computer Science, MathematicsJ. Comput. Syst. Sci.
- 1991

The results below apply to sequences generated by iteratively applying functions of the form ƒ = &agr;&khgr; + &bgr; (mod p) to a randomly chosen seed x, and estimate the probability that a predetermined number of trials of an algorithm will fail.

### Deterministic simulation in LOGSPACE

- Computer Science, MathematicsSTOC
- 1987

In this paper we show that a wide class of probabilistic algorithms can be simulated by deterministic algorithms. Namely if there is a test in LOGSPACE so that a random sequence of length (log n)2 /…

### Pseudo-random generation from one-way functions

- Computer Science, MathematicsSTOC '89
- 1989

From one-way functions of type (1) or (2) it is shown how to construct pseudo-random generators secure against small circuits or fast algorithms, respectively, and vice-versa.

### On Using Deterministic Functions to Reduce Randomness in Probabilistic Algorithms

- Mathematics, Computer ScienceInf. Comput.
- 1987

### Randomized algorithms and pseudorandom numbers

- Computer Science, MathematicsSTOC '88
- 1988

This work assumes that a (small) random seed is available to start up a simple pseudorandom number generator which is then used for the randomized algorithm.

### Linear Congruential Generators Do Not Produce Random Sequences

- Computer Science, MathematicsFOCS
- 1984

This paper discusses the predictability of the sequence given only a constant proportion /spl alpha/ of the leading bits of the first few numbers generated, and shows that the rest of the sequences is predictable in polynomial time, almost always.

### Dispersers, deterministic amplification, and weak random sources

- Computer Science30th Annual Symposium on Foundations of Computer Science
- 1989

The use of highly expanding bipartite multigraphs (called dispersers) to reduce greatly the error of probabilistic algorithms at the cost of few additional random bits is treated. Explicit…

### Theory and application of trapdoor functions

- Computer Science, Mathematics23rd Annual Symposium on Foundations of Computer Science (sfcs 1982)
- 1982

A new information theory is introduced and the concept of trapdoor functions is studied and applications of such functions in cryptography, pseudorandom number generation, and abstract complexity theory are examined.