How to Generate Cryptographically Strong Sequences of Pseudorandom Bits

Authors

Manuel Blum, Silvio Micali

Type: Article

Publication Date: 1984-11-01

Citations: 1371

DOI: https://doi.org/10.1137/0213053

View

Abstract

We give a set of conditions that allow one to generate 50–50 unpredictable bits.Based on those conditions, we present a general algorithmic scheme for constructing polynomial-time deterministic algorithms that stretch a short secret random input into a long sequence of unpredictable pseudo-random bits. We give an implementation of our scheme and exhibit a pseudo-random bit generator for which any efficient strategy for predicting the next output bit with better than 50–50 chance is easily transformable to an “equally efficient” algorithm for solving the discrete logarithm problem. In particular: if the discrete logarithm problem cannot be solved in probabilistic polynomial time, no probabilistic polynomial-time algorithm can guess the next output bit better than by flipping a coin: if “head” guess “0”, if “tail” guess “1”

Locations

SIAM Journal on Computing
View

Similar Works

Action	Title	Date	Authors
+	Cryptology and number sequences: Pseudorandom, random, and perfectly random	1984-02-01	Sig Porter
+ PDF Ask	How to construct random functions	1986-08-10	Oded Goldreich Shafi Goldwasser Silvio Micali
+	High-Speed Pseudorandom Number Generation with Small Memory	1999-01-01	William Aiello S. Rajagopalan Ramarathnam Venkatesan
+	Pseudo-random generators for all hardnesses	2005-08-25	C. Umans
+ PDF Ask	Pseudorandom Strings from Pseudorandom Quantum States	2023-01-01	Prabhanjan Ananth Yao-Ting Lin Henry Yuen
+ PDF Ask	Practical private randomness generation	2011-11-25	Stefano Pironio Serge Massar
+ PDF Ask	Polynomial-Time Pseudodeterministic Construction of Primes	2023-01-01	Lijie Chen Zhenjian Lu Igor Carboni Oliveira Hanlin Ren Rahul Santhanam
+ PDF Ask	Pseudo-Deterministic One-Way Functions from Pseudorandom States	2023-01-01	Mohammed Barhoush Louis Salvail
+ PDF Ask	Simple extractors via constructions of cryptographic pseudo-random generators	2009-10-29	Marius Zimand
+	Pseudorandom Bits and Sequences	2018-11-17	Alfred Menezes Paul C. van Oorschot Scott A. Vanstone
+	Pseudorandom Bits and Sequences	2018-12-07	Alfred Menezes Paul C. van Oorschot Scott A. Vanstone
+	Pseudorandom Bits and Sequences	1996-10-16
+	Impossibility and Optimality Results on Constructing Pseudorandom Permutations	2007-11-15	Yuliang Zheng Tsutomu Matsumoto Hideki Imai
+ PDF Ask	Polynomial-Time Pseudodeterministic Construction of Primes	2023-11-06	Lijie Chen Zhenjian Lu Igor Carboni Oliveira Hanlin Ren Rahul Santhanam
+	On the Existence of Pseudorandom Generators	1993-12-01	Oded Goldreich Hugo Krawczyk Michael Luby
+	The Guessing Secrets problem: a probabilistic approach	2004-04-26	Alberto Del Lungo Guy Louchard Claudio Marini Franco Montagna
+	SP 800-90A. Recommendation for Random Number Generation Using Deterministic Random Bit Generators	2012-01-01	Elaine B. Barker John Kelsey
+ PDF Ask	Simple extractors via constructions of cryptographic pseudo-random generators	2005-01-01	Marius Zimand
+ PDF Ask	Randen - fast backtracking-resistant random generator with AES+Feistel+Reverie	2018-01-01	Emmanuel Mogenet Jan Wassenberg Jyrki Alakuijala Robert Obryk
+	Generating deterministically certified primes	1994-01-01

Cited by (40)

Action	Title	Date	Authors
+ PDF Ask	The Monte Carlo Algorithm with a Pseudorandom Generator	1992-01-01	J. F. Traub H. Wozniakowski
+ PDF Ask	Pseudorandomness for Approximate Counting and Sampling	2006-12-01	Ronen Shaltiel Christopher Umans
+ PDF Ask	How to construct random functions	2019-10-09	Oded Goldreich Shafi Goldwasser Silvio Micali
+	Random Walks and Rapid Mixing	2011-08-11	Cristopher Moore Stephan Mertens
+	Adaptively secure multi-party computation	1996-01-01	Ran Canetti Uri Feige Oded Goldreich Moni Naor
+	On the Existence of Pseudorandom Generators	1993-12-01	Oded Goldreich Hugo Krawczyk Michael Luby
+ PDF Ask	Sub-computable Boundedness Randomness	2014-12-24	Sam Buss Douglas Cenzer Jeffrey B. Remmel
+	Limits on the provable consequences of one-way permutations (invited talk)	1990-02-01	Russell Impagliazzo Steven Rudich
+ PDF Ask	An Average Case NP-complete Graph Problem	2001-12-02	Leonid A. Levin Ramarathnam Venkatesan
+	Random instances of a graph coloring problem are hard	1988-01-01	Ramarathnam Venkatesan Leonid A. Levin
+	High-Speed Pseudorandom Number Generation with Small Memory	1999-01-01	William Aiello S. Rajagopalan Ramarathnam Venkatesan
+	One-way functions are necessary and sufficient for secure signatures	1990-01-01	John Rompel
+	Learning Significant Fourier Coefficients over Finite Abelian Groups	2016-01-01	Adi Akavia
+	Resource bounded randomness and computational complexity	2000-04-01	Yongge Wang
+	Zufall oder Unordnung?	1995-01-01	Peter J. Huber
+ PDF Ask	Book Review: Kolmogorov complexity and algorithmic randomness	2019-09-23	J. Maurice Rojas
+ PDF Ask	All Bits in ax + b mod p are Hard	1996-01-01	Mats Näslund
+	How to Construct Pseudorandom Permutations from Single Pseudorandom Functions	1991-01-01	Josef Pieprzyk
+ PDF Ask	One-way permutations on elliptic curves	1991-01-01	Burton S. Kaliski
+	Several Generalizations of Weil Sums	1994-10-01	Fan Chung
+	Improved Algorithms via Approximations of Probability Distributions	2000-08-01	Suresh Chari Pankaj Rohatgi Aravind Srinivasan
+ PDF Ask	The vulnerability of geometric sequences based on fields of odd characteristic	1994-12-01	Andrew Klapper
+	The Discrete Logarithm Problem	1993-01-01	Ian F. Blake Xuhong Gao Ronald C. Mullin Scott A. Vanstone Tomik Yaghoobian
+ PDF Ask	Enhancements of Trapdoor Permutations	2012-09-12	Oded Goldreich Ron D. Rothblum
+	Amortizing randomness in private multiparty computations	1998-01-01	Eyal Kushilevitz Rafail Ostrovsky Adi Rosén
+	Learning Significant Fourier Coefficients over Finite Abelian Groups	2008-01-01	Adi Akavia
+	Some consequences of the existence of pseudorandom generators	1987-01-01	Eric Allender
+	Efficient Multiparty Protocols via Log-Depth Threshold Formulae.	2013-01-01	Gil Cohen Ivan Damgård Yuval Ishai Jonas Kölker Peter Bro Miltersen Ran Raz Ron D. Rothblum
+	The Grand Unified Theory of Computation	2011-08-11	Moore Cristopher
+ PDF Ask	The Complexity of Explicit Constructions	2011-11-17	Rahul Santhanam
+	On Derandomizing Probabilistic Sublinear-Time Algorithms	2007-06-01	Marius Zimand
+	DESIGNING AN OPTIMUM ACCEPTANCE SAMPLING PLAN USING BAYESIAN INFERENCES AND STOCHASTIC DYNAMIC PROGRAMMING APPROACH	2009-01-01	Arash Mirabdolah Lavasani Taraneh Eghlidos
+ PDF Ask	Distribution of the error in estimated numbers of fixed points of the discrete logarithm	2004-12-01	Joshua Holden
+	Deniable Ring Signatures	2007-01-01	Eitan Reich
+ PDF Ask	Number-Theoretic Algorithms	1990-06-01	Eric Bach
+	Optimization and Approximation	2011-08-11	Cristopher Moore Stephan Mertens
+	Lectures on survival analysis	1994-01-01	Richard D. Gill
+	On the hardness of computing the permanent of random matrices	1996-06-01	Uriel Feige Carsten Lund
+	Prologue	2011-08-11	Cristopher Moore Stephan Mertens
+	Deterministic approximation of the cover time	2003-05-09	Uriel Feige Yuri Rabinovich

Citing (3)

Action	Title	Date	Authors
+	Approximate formulas for some functions of prime numbers	1962-03-01	J. Barkley Rosser Lowell Schoenfeld
+	Solved and Unsolved Problems in Number Theory.	1964-06-01	W. J. LeVeque Daniel Shanks
+	Theory and application of trapdoor functions	1982-11-01	Andrew Chi-Chih Yao