On the existence of pseudorandom generators

Abstract

Pseudorandom generators are known to exist, assuming the existence of functions that cannot be efficiently inverted on the distributions induced by applying the function iteratively polynomially many times. This sufficient condition is also necessary, but it is difficult to check whether particular functions, assumed to be one-way, are also one-way on their iterates. This raises the fundamental question of whether the mere existence of one-way functions suffices for the construction of pseudorandom generators. Progress toward resolving this question is presented. Regular functions in which every image of a k-bit string has the same number of preimages of length k are considered. It is shown that if a regular function is one-way, then pseudorandom generators do exist. In particular, assuming the intractability of general factoring, it can be proved that the pseudorandom generators do exist. Another application is the construction of a pseudorandom generator based on the assumed intractability of decoding random linear codes.