|
|
| Line 1: |
Line 1: |
| {{Cleanup|date=January 2010}}
| | It involves expertise and knowledge of various tools and technologies used for creating websites. Offshore expert Word - Press developers high level of interactivity, accessibility, functionality and usability of our website can add custom online to using. Should you go with simple HTML or use a platform like Wordpress. In the recent years, there has been a notable rise in the number of companies hiring Indian Word - Press developers. You can easily customize the titles of the posts in Word - Press blog in a way that only title comes in the new post link and not the date or category of posts. <br><br> |
|
| |
|
| A '''randomness extractor''', often simply called an "extractor", is a function, which being applied to output from a weakly random [[information entropy|entropy]] source, together with a short, uniformly random seed, generates a highly [[random]] output that appears [[Independent and identically distributed random variables|independent]] from the source and [[Uniform distribution (discrete)|uniformly distributed]].<ref>{{cite web|url=http://portal.acm.org/citation.cfm?coll=GUIDE&dl=GUIDE&id=796582 |title=Extracting randomness from sampleable distributions |publisher=Portal.acm.org |date= |accessdate=2012-06-12}}</ref> Examples of weakly random sources include [[radioactive decay]] or [[thermal noise]]; the only restriction on possible sources is that there is no way they can be fully controlled, calculated or predicted, and that a lower bound on their entropy rate can be established. For a given source, a randomness extractor can even be considered to be a true random number generator ([[TRNG]]); but there is no single extractor, which has been proven to produce truly random output from any type of weakly random source.
| | Thus, it is imperative that you must Hire Word - Press Developers who have the expertise and proficiency in delivering theme integration and customization services. Infertility can cause a major setback to the couples due to the inability to conceive. A Wordpress plugin is a software that you can install into your Wordpress site. You can up your site's rank with the search engines by simply taking a bit of time with your site. Now a days it has since evolved into a fully capable CMS platform which make it, the best platform in the world for performing online business. <br><br>It is also popular because willing surrogates,as well as egg and sperm donors,are plentiful. By using Word - Press MLM websites or blogs, you and your companies presence on the internet can be created swiftly and simply. If Gandhi was empowered with a blogging system, every event in his life would have been minutely documented so that it could be recounted to the future generations. Every single Theme might be unique, providing several alternatives for webpage owners to reap the benefits of in an effort to instantaneously adjust their web page appear. If you loved this article and you would like to obtain more information with regards to [http://786.pw//wordpress_backup_plugin_6396331 wordpress dropbox backup] kindly stop by the web site. Converting HTML to Word - Press theme for your website can allow you to enjoy the varied Word - Press features that aid in consistent growth your online business. <br><br>If all else fails, please leave a comment on this post with the issue(s) you're having and help will be on the way. As an example, if you are promoting a product that cures hair-loss, you most likely would not wish to target your adverts to teens. Specialty about our themes are that they are easy to load, compatible with latest wordpress version and are also SEO friendly. Word - Press is the most popular open source content management system (CMS) in the world today. Wordpress template is loaded with lots of prototype that unite graphic features and content area. <br><br>A sitemap is useful for enabling web spiders and also on rare occasions clients, too, to more easily and navigate your website. If you operate a website that's been built on HTML then you might have to witness traffic losses because such a site isn't competent enough in grabbing the attention of potential consumers. You can select color of your choice, graphics of your favorite, skins, photos, pages, etc. You should stay away from plugins that are full of flaws and bugs. 95, and they also supply studio press discount code for their clients, coming from 10% off to 25% off upon all theme deals. |
| | |
| Sometimes the term "bias" is used to denote a weakly random source's departure from uniformity, and in older literature, some extractors are called '''unbiasing algorithms''',<ref>David K. Gifford, Natural Random Numbers, MIT/LCS/TM-371, Massachusetts Institute of Technology, August 1988.</ref> as they take the randomness from a so-called "biased" source and output a distribution that appears unbiased. The weakly random source will always be longer than the extractor's output, but an efficient extractor is one that lowers this ratio of lengths as much as possible, while simultaneously keeping the seed length low. Intuitively, this means that as much randomness as possible has been "extracted" from the source.
| |
| | |
| Note that an extractor has some conceptual similarities with a [[pseudorandom generator]] (PRG), but the two concepts are not identical. Both are functions that take as input a small, uniformly random seed and produce a longer output that "looks" uniformly random. Some pseudorandom generators are, in fact, also extractors. (When a PRG is based on the existence of [[hard-core predicate]]s, one can think of the weakly random source as a set of truth tables of such predicates and prove that the output is statistically close to uniform.<ref>{{cite web| url=http://theory.stanford.edu/~trevisan/pubs/extractor-full.pdf| title= Extractors and Pseudorandom Generators|author = Luca Trevisan| accessdate=2013-10-21}}</ref>) However, the general PRG definition does not specify that a weakly random source must be used, and while in the case of an extractor, the output should be [[statistically close]] to uniform, in a PRG it is only required to be [[computationally indistinguishable]] from uniform, a somewhat weaker concept.
| |
| | |
| [[NIST]] Special Publication 800-90B (draft) recommends several extractors, including the [[Secure Hash Algorithm|SHA]] hash family and states that if the amount of entropy input is twice the number of bits output from them, that output can be considered essentially fully random.<ref>[http://csrc.nist.gov/publications/drafts/800-90/draft-sp800-90b.pdf Recommendation for the Entropy Sources Used for Random Bit Generation (draft) NIST SP800-90B], Barker and Kelsey, August 2012, Section 6.4.2</ref>
| |
| | |
| ==Formal definition of extractors==
| |
| The [[min-entropy]] of a distribution <math>X</math> (denoted <math>H_{\infty}(X)</math>), is the largest real number <math>k</math> such that <math>\Pr[X =x] \leq 2^{-k}</math> for every <math>x</math> in the range of <math>X</math>. In essence, this measures how likely <math>X</math> is to take its most likely value, giving a worst-case bound on how random <math>X</math> appears. Letting <math>U_{\ell}</math> denote the uniform distribution over <math>\{0, 1 \}^{\ell}</math>, clearly <math> H_{\infty}(U_{\ell}) = \ell</math>.
| |
| | |
| For an ''n''-bit distribution <math>X</math> with min-entropy ''k'', we say that <math>X</math> is an <math>(n, k)</math> distribution.
| |
| | |
| '''Definition (Extractor):''' '''(''k'', ''ε'')-extractor'''
| |
| | |
| Let <math>\text{Ext}: \{0,1\}^n \times \{0,1\}^d \to \{0,1\}^m</math>
| |
| be a function that takes as input a sample from an <math>(n, k)</math> distribution <math>X</math> and a ''d''-bit seed from <math>U_d</math>, and outputs an ''m''-bit string. | |
| <math>\text{Ext}</math> is a '''(''k'', ''ε'')-extractor''', if for all <math>(n, k)</math> distributions <math>X</math>, the output distribution of <math>\text{Ext}</math> is ''ε''-close to <math>U_m</math>.
| |
| | |
| In the above definition, ''ε''-close refers to [[Total variation distance|statistical distance]].
| |
| | |
| Intuitively, an extractor takes a weakly random ''n''-bit input and a short, uniformly random seed and produces an ''m''-bit output that looks uniformly random. The aim is to have a low <math>d</math> (i.e. to use as little uniform randomness as possible) and as high an <math>m</math> as possible (i.e. to get out as many close-to-random bits of output as we can).
| |
| | |
| ===Strong extractors===
| |
| An extractor is strong if [[Concatenation|concatenating]] the seed with the extractor's output yields a distribution that is still close to uniform.
| |
| | |
| '''Definition (Strong Extractor):''' A <math>(k, \epsilon)</math>-strong extractor is a function
| |
| | |
| : <math> \text{Ext}: \{0,1\}^n \times \{0,1\}^d \rightarrow \{0,1\}^m \, </math>
| |
| | |
| such that for every <math>(n, k)</math> distribution <math>X</math> the distribution <math>U_d \circ \text{Ext}(X, U_d)</math> (the two copies of <math>U_d</math> denote the same random variable) is <math>\epsilon</math>-close to the uniform distribution on <math>\{0,1\}^{m+d}</math>.
| |
| | |
| ===Explicit extractors===
| |
| Using the [[probabilistic method]], it can be shown that there exists a (''k'', ''ε'')-extractor, i.e. that the construction is possible. However, it is usually not enough merely to show that an extractor exists. An explicit construction is needed, which is given as follows:
| |
| | |
| '''Definition (Explicit Extractor):''' For functions ''k''(''n''), ''ε''(''n''), ''d''(''n''), ''m''(''n'') a family Ext = {Ext<sub>''n''</sub>} of functions
| |
| | |
| : <math>\text{Ext}_n : \{0,1\}^n \times \{0,1\}^{d(n)} \rightarrow \{0,1\}^{m(n)}</math>
| |
| | |
| is an explicit (''k'', ''ε'')-extractor, if Ext(''x'', ''y'') can be computed in [[polynomial time]] (in its input length) and for every ''n'', Ext<sub>''n''</sub> is a (''k''(''n''), ''ε''(''n''))-extractor.
| |
| | |
| By the probabilistic method, it can be shown that there exists a (''k'', ''ε'')-extractor with seed length
| |
| | |
| : <math>d = \log{(n-k)}+2\log \left(\frac{1}{\varepsilon}\right) +O(1)</math>
| |
| | |
| and output length
| |
| | |
| : <math>m = k +d-2\log \left(\frac{1}{\varepsilon}\right) - O(1)</math>.<ref>Ronen Shaltiel. Recent developments in explicit construction of extractors. P. 5.</ref>
| |
| | |
| ===Dispersers===
| |
| Another variant of the randomness extractor is the [[disperser]].
| |
| | |
| ==Randomness extractors in cryptography==
| |
| One of the most important aspects of [[cryptography]] is random [[key generation]].<ref>Jesse Kamp and David Zuckerman. Deterministic Extractors for Bit-Fixing Sources and Exposure-Resilient Cryptography.,SIAM J. Comput.,Vol. 36, No. 5, pp. 1231–1247.</ref> It is often necessary to generate secret and random keys from sources that are semi-secret or which may be compromised to some degree. By taking a single, short (and secret) random key as a source, an extractor can be used to generate a longer pseudo-random key, which then can be used for public key encryption. More specifically, when a strong extractor is used its output will appear be uniformly random, even to someone who sees part (but not all) of the source. For example, if the source is known but the seed is not known (or vice versa). This property of extractors is particularly useful in what is commonly called '''Exposure-Resilient''' cryptography in which the desired extractor is used as an '''Exposure-Resilient Function''' (ERF). Exposure-Resilient cryptography takes into account that the fact that it is difficult to keep secret the initial exchange of data which often takes place during the initialization of an [[encryption]] application e.g., the sender of encrypted information has to provide the receivers with information which is required for decryption.
| |
| | |
| The following paragraphs define and establish an important relationship between two kinds of ERF--'''''k''-ERF''' and '''''k''-APRF'''--which are useful in Exposure-Resilient cryptography.
| |
|
| |
| '''Definition (''k''-ERF):''' ''An adaptive k-ERF is a function'' <math>f</math> ''where, for a random input'' <math>r</math> '', when a computationally unbounded adversary'' <math>A</math> ''can adaptively read all of'' <math>r</math> ''except for'' <math>k</math> ''bits,'' <math>|\Pr\{A^{r}(f(r)) = 1\} - \Pr\{A^{r}(R) = 1\}| \leq \epsilon(n)</math> ''for some negligible function'' <math>\epsilon(n)</math> (defined below).
| |
| | |
| The goal is to construct an adaptive ERF whose output is highly random and uniformly distributed. But a stronger condition is often needed in which every output occurs with almost uniform probability. For this purpose '''Almost-Perfect Resilient Functions''' (APRF) are used. The definition of an APRF is as follows:
| |
| | |
| '''Definition (k-APRF):''' ''A'' <math>k = k(n)</math> ''APRF is a function'' <math>f</math> ''where, for any setting of'' <math>n-k</math> ''bits of the input'' <math>r</math> ''to any fixed values, the probability vector'' <math>p</math> ''of the output'' <math>f(r)</math> ''over the random choices for the'' <math>k</math> ''remaining bits satisfies'' <math>|p_{i}-2^{-m}| < 2^{-m} \epsilon(n)</math> ''for all'' <math>i</math> ''and for some negligible function'' <math>\epsilon(n)</math>.
| |
| | |
| Kamp and Zuckerman<ref name="David Zuckerman 1242">Jesse Kamp and David Zuckerman. Deterministic Extractors for Bit-Fixing Sources and Exposure-Resilient Cryptography. P. 1242.</ref> have proved a theorem stating that if a function <math>f</math> is a ''k''-APRF, then <math>f</math> is also a ''k''-ERF. More specifically, ''any'' extractor having sufficiently small error and taking as input an ''oblivious'', bit-fixing source is also an APRF and therefore also a ''k''-ERF. A more specific extractor is expressed in this lemma:
| |
| | |
| '''Lemma:''' ''Any'' <math>2^{-m} \epsilon(n)</math>''-extractor'' <math>f: \{0,1\}^{n} \rightarrow \{0,1\}^m</math> ''for the set of'' <math>(n,k)</math> ''oblivious bit-fixing sources, where'' <math>\epsilon(n)</math> ''is negligible, is also a k-APRF.''
| |
| | |
| This lemma is proved by Kamp and Zuckerman.<ref name="David Zuckerman 1242"/> The lemma is proved by examining the distance from uniform of the output, which in a <math>2^{-m} \epsilon(n)</math>-extractor obviously is at most<math>2^{-m} \epsilon(n)</math>, which satisfies the condition of the APRF.
| |
| | |
| The lemma leads to the following theorem, stating that there in fact exists a ''k''-APRF function as described:
| |
| | |
| '''Theorem (existence):''' ''For any positive constant'' <math>\gamma \leq \frac{1}{2}</math>'', there exists an explicit k-APRF'' <math>f: \{0,1\}^{n} \rightarrow \{0,1\}^{m}</math>'', computable in a linear number of arithmetic operations on'' <math>m</math>''-bit strings, with'' <math>m = \Omega(n^{2\gamma})</math> ''and'' <math>k = n^{\frac{1}{2}+\gamma}</math>.
| |
| | |
| '''Definition (negligible function):''' In the proof of this theorem, we need a definition of a [[negligible function]]. A function <math>\epsilon(n)</math> is defined as being negligible if <math>\epsilon(n) = O(\frac{1}{n^{c}})</math> for all constants <math>c</math>.
| |
| | |
| '''Proof:'''
| |
| Consider the following <math>\epsilon</math>-extractor: The function <math>f</math> is an extractor for the set of <math>(n,\delta n)</math> oblivious bit-fixing source: <math>f: \{0,1\}^{n} \rightarrow \{0,1\}^{m}</math>. <math>f</math> has <math>m = \Omega(\delta^{2}n)</math>, <math>\epsilon = 2^{-cm}</math> and <math>c > 1</math>.
| |
| | |
| The proof of this extractor's existence with <math>\delta \leq 1</math>, as well as the fact that it is computable in linear computing time on the length of <math>m</math> can be found in the paper by Jesse Kamp and David Zuckerman (p. 1240).
| |
| | |
| That this extractor fulfills the criteria of the lemma is trivially true as <math>\epsilon = 2^{-cm}</math> is a negligible function.
| |
| | |
| The size of <math>m</math> is:
| |
|
| |
| : <math>m = \Omega(\delta^{2}n) = \Omega(n) \geq \Omega(n^{2\gamma})</math>
| |
| | |
| Since we know <math>\delta \leq 1</math> then the lower bound on <math>m</math> is dominated by <math>n</math>. In the last step we use the fact that <math>\gamma \leq \frac{1}{2}</math> which means that the power of <math>n</math> is at most <math>1</math>. And since <math>n</math> is a positive integer we know that <math>n^{2\gamma}</math> is at most <math>n</math>.
| |
| | |
| The value of <math>k</math> is calculated by using the definition of the extractor, where we know:
| |
| | |
| : <math>(n,k) = (n, \delta n) \Rightarrow k = \delta n</math>
| |
| | |
| and by using the value of <math>m</math> we have: | |
| | |
| : <math>m = \delta^{2}n = n^{2\gamma}</math>
| |
| | |
| Using this value of <math>m</math> we account for the worst case, where <math>k</math> is on its lower bound. Now by algebraic calculations we get:
| |
| | |
| : <math>\delta^{2}n = n^{2\gamma}</math>
| |
| | |
| : <math>\Rightarrow \delta^2 = n^{2\gamma -1}</math>
| |
| | |
| : <math>\Rightarrow \delta = n^{\gamma -\frac{1}{2}}</math>
| |
| | |
| Which inserted in the value of <math>k</math> gives
| |
| | |
| : <math>k = \delta n = n^{\gamma -\frac{1}{2}}n = n^{\gamma +\frac{1}{2}}</math>,
| |
| | |
| which proves that there exists an explicit k-APRF extractor with the given properties. <math>\Box</math>
| |
| | |
| ==Examples==
| |
| | |
| ===Von Neumann extractor===
| |
| {{details|Bernoulli sequence}}
| |
| Perhaps the earliest example is due to [[John von Neumann]]. His extractor took successive pairs of consecutive bits (non-overlapping) from the input stream. If the two bits matched, no output was generated. If the bits differed, the value of the first bit was output. The Von Neumann extractor can be shown to produce a uniform output even if the distribution of input bits is not uniform so long as each bit has the same probability of being one and there is no [[correlation]] between successive bits.<ref>John von Neumann. Various techniques used in connection with random digits. Applied
| |
| Math Series, 12:36–38, 1951.</ref>
| |
| | |
| Thus, it takes as input a [[Bernoulli sequence]] with ''p'' not necessarily equal to 1/2, and outputs a Bernoulli sequence with <math>p = 1/2.</math>
| |
| More generally, it applies to any [[exchangeable random variables|exchangeable sequence]] – it only relies on the fact that for any pair, 01 and 10 are ''equally'' likely: for independent trials, these have probabilities <math>p\cdot q = q\cdot p</math>, while for an exchangeable sequence the probability may be more complicated, but both are equally likely.
| |
| | |
| ===Cryptographic hash===
| |
| Another approach is to fill a buffer with bits from the input stream and then apply a [[cryptographic hash]] to the buffer and use its output. This approach generally depends on assumed properties of the hash function.
| |
| | |
| ==Applications==
| |
| | |
| Randomness extractors are used widely in cryptographic applications, whereby a [[cryptographic hash]] function is applied to a high-entropy, but non-uniform source, such as disk drive timing information or keyboard delays, to yield a uniformly random result.
| |
| | |
| Randomness extractors have played a part in recent developments in [[quantum cryptography]], where photons are used by the randomness extractor to generate secure random bits.[http://newsroom.spie.org/x4741.xml?highlight=x535]
| |
| | |
| Randomness extraction is also used in some branches of [[computational complexity theory]].
| |
| | |
| Random extraction is also used to convert data to a simple random sample, which is normally distributed, and independent, which is desired by statistics.
| |
| | |
| ==See also==
| |
| * [[Decorrelation]]
| |
| * [[Hardware random number generator]]
| |
| * [[Fuzzy extractor]]
| |
| | |
| ==References==
| |
| {{reflist}}
| |
| *[http://www.cs.washington.edu/homes/anuprao/pubs/thesis.pdf Randomness Extractors for Independent Sources and Applications], Anup Rao
| |
| *[http://www.cs.haifa.ac.il/~ronen/online_papers/survey.ps Recent developments in explicit constructions of extractors], Ronen Shaltiel
| |
| *[http://people.csail.mit.edu/dodis/ps/hmac.ps Randomness Extraction and Key Derivation Using the CBC, Cascade and HMAC Modes], Yevgeniy Dodis et al.
| |
| *[http://eprint.iacr.org/2005/061.pdf Key Derivation and Randomness Extraction], Olivier Chevassut et al.
| |
| *[http://www.cs.utexas.edu/users/diz/pubs/erf.pdf Deterministic Extractors for Bit-Fixing Sources and Exposure-Resilient Cryptography], Jesse Kamp and David Zuckerman
| |
| *[http://www.eecs.harvard.edu/~michaelm/coinflipext.pdf Tossing a Biased Coin (and the optimality of advanced multi-level strategy) (lecture notes)], Michael Mitzenmacher
| |
| | |
| [[Category:Randomness]]
| |
| [[Category:Computational complexity theory]]
| |
| [[Category:Cryptographic algorithms]]
| |
| [[Category:Random number generation]]
| |
It involves expertise and knowledge of various tools and technologies used for creating websites. Offshore expert Word - Press developers high level of interactivity, accessibility, functionality and usability of our website can add custom online to using. Should you go with simple HTML or use a platform like Wordpress. In the recent years, there has been a notable rise in the number of companies hiring Indian Word - Press developers. You can easily customize the titles of the posts in Word - Press blog in a way that only title comes in the new post link and not the date or category of posts.
Thus, it is imperative that you must Hire Word - Press Developers who have the expertise and proficiency in delivering theme integration and customization services. Infertility can cause a major setback to the couples due to the inability to conceive. A Wordpress plugin is a software that you can install into your Wordpress site. You can up your site's rank with the search engines by simply taking a bit of time with your site. Now a days it has since evolved into a fully capable CMS platform which make it, the best platform in the world for performing online business.
It is also popular because willing surrogates,as well as egg and sperm donors,are plentiful. By using Word - Press MLM websites or blogs, you and your companies presence on the internet can be created swiftly and simply. If Gandhi was empowered with a blogging system, every event in his life would have been minutely documented so that it could be recounted to the future generations. Every single Theme might be unique, providing several alternatives for webpage owners to reap the benefits of in an effort to instantaneously adjust their web page appear. If you loved this article and you would like to obtain more information with regards to wordpress dropbox backup kindly stop by the web site. Converting HTML to Word - Press theme for your website can allow you to enjoy the varied Word - Press features that aid in consistent growth your online business.
If all else fails, please leave a comment on this post with the issue(s) you're having and help will be on the way. As an example, if you are promoting a product that cures hair-loss, you most likely would not wish to target your adverts to teens. Specialty about our themes are that they are easy to load, compatible with latest wordpress version and are also SEO friendly. Word - Press is the most popular open source content management system (CMS) in the world today. Wordpress template is loaded with lots of prototype that unite graphic features and content area.
A sitemap is useful for enabling web spiders and also on rare occasions clients, too, to more easily and navigate your website. If you operate a website that's been built on HTML then you might have to witness traffic losses because such a site isn't competent enough in grabbing the attention of potential consumers. You can select color of your choice, graphics of your favorite, skins, photos, pages, etc. You should stay away from plugins that are full of flaws and bugs. 95, and they also supply studio press discount code for their clients, coming from 10% off to 25% off upon all theme deals.