Yao's test - Alchetron, The Free Social Encyclopedia

In cryptography and the theory of computation, Yao's test is a test defined by Andrew Chi-Chih Yao in 1982, against pseudo-random sequences. A sequence of words passes Yao's test if an attacker with reasonable computational power cannot distinguish it from a sequence generated uniformly at random.

Boolean circuits

Let P be a polynomial, and S = { S k } k be a collection of sets S k of P ( k ) -bit long sequences, and for each k , let μ k be a probability distribution on S k , and P C be a polynomial. A predicting collection C = { C k } is a collection of boolean circuits of size less than P C ( k ) . Let p k , S C be the probability that on input s , a string randomly selected in S k with probability μ ( s ) , C k ( s ) = 1 , i.e.

p k , S C = P [ C k ( s ) = 1 | s ∈ S k with probability μ k ( s ) ]

Moreover, let p k , U C be the probability that C k ( s ) = 1 on input s a P ( k ) -bit long sequence selected uniformly at random in { 0 , 1 } P ( k ) . We say that S passes Yao's test if for all predicting collection C , for all but finitely many k , for all polynomial Q :

| p k , S C − p k , U C | < 1 Q ( k )

Probabilistic formulation

As in the case of the next-bit test, the predicting collection used in the above definition can be replaced by a probabilistic Turing machine, working in polynomial time. This also yields a strictly stronger definition of Yao's test (see Adleman's theorem). Indeed, One could decide undecidable properties of the pseudo-random sequence with the non-uniform circuits described above, whereas BPP machines can always be simulated by exponential-time deterministic Turing machines.

References

Yao's test Wikipedia

(Text) CC BY-SA

Contents

Boolean circuits

Probabilistic formulation

References