An Entropy Lower Bound for Non-Malleable Extractors
Abstract
A $(k,\varepsilon)$-non-malleable extractor is a function ${\sf nmExt} : \{0,1\}^n \times \{0,1\}^d \to \{0,1\}$ that takes two inputs, a weak source $X \sim \{0,1\}^n$ of min-entropy $k$ and an independent uniform seed $s \in \{0,1\}^d$, and outputs a bit ${\sf nmExt}(X, s)$ that is $\varepsilon$-close to uniform, even given the seed $s$ and the value ${\sf nmExt}(X, s')$ for an adversarially chosen seed $s' \neq s$. Dodis and Wichs~(STOC 2009) showed the existence of $(k, \varepsilon)$-non-malleable extractors with seed length $d = \log(n-k-1) + 2\log(1/\varepsilon) + 6$ that support sources of entropy $k > \log(d) + 2 \log(1/\varepsilon) + 8$. We show that the foregoing bound is essentially tight, by proving that any $(k,\varepsilon)$-non-malleable extractor must satisfy the entropy bound $k > \log(d) + 2 \log(1/\varepsilon) - \log\log(1/\varepsilon) - C$ for an absolute constant $C$. In particular, this implies that non-malleable extractors require min-entropy at least $\Omega(\log\log(n))$. This is in stark contrast to the existence of strong seeded extractors that support sources of entropy $k = O(\log(1/\varepsilon))$. Our techniques strongly rely on coding theory. In particular, we reveal an inherent connection between non-malleable extractors and error correcting codes, by proving a new lemma which shows that any $(k,\varepsilon)$-non-malleable extractor with seed length $d$ induces a code $C \subseteq \{0,1\}^{2^k}$ with relative distance $0.5 - 2\varepsilon$ and rate $\frac{d-1}{2^k}$.
- Publication:
-
arXiv e-prints
- Pub Date:
- January 2018
- DOI:
- 10.48550/arXiv.1801.03200
- arXiv:
- arXiv:1801.03200
- Bibcode:
- 2018arXiv180103200G
- Keywords:
-
- Computer Science - Computational Complexity
- E-Print:
- 14 pages, 1 figure