We provide a formal treatment of backdoored pseudorandom generators (PRGs). Here a
saboteur chooses a PRG instance for which she knows a trapdoor that allows prediction of …

Inspired by the Dual EC DBRG incident, Dodis et al.(Eurocrypt 2015) initiated the formal
study of backdoored PRGs, showing that backdoored PRGs are equivalent to public key …

Local pseudorandom generators allow to expand a short random string into a long pseudo-
random string, such that each output bit depends on a constant number d of input bits. Due …

It is well known that two random variables X and Y with the same range can be viewed as
being equal (in a well-defined sense) with probability 1− d (X, Y), where d (X, Y) is their …

Computational extractors are efficient procedures that map a source of sufficiently high min-
entropy to an output that is computationally indistinguishable from uniform. By relaxing the …

Randomness plays an important role in multiple applications in cryptography. It is required
in fundamental tasks such as key generation, masking and hiding values, nonces and …

Abstract The famous Leftover Hash Lemma (LHL) states that (almost) universal hash
functions are good randomness extractors. Despite its numerous applications, LHL-based …

Verifiable random functions (VRFs) are pseudorandom functions with the additional property
that the owner of the seed SK can issue publicly-verifiable proofs for the statements “f (SK …

We present lower bounds on the efficiency of constructions for Pseudo-Random Generators
(PRGs) and Universal One-Way Hash Functions (UOWHFs) based on black-box access to …

A pseudo-random number generator (PRNG) is a deterministic algorithm that produces
numbers whose distribution is indistinguishable from uniform. A formal security model for …