Lecture 16

In this lecture we covered Nisan's pseudorandom generator for log space.

One thing I had to rush over at the end was the actual definition of the generator, along with its seed length!

Here is an official inductive definition of the generator: Let $h_1,...h_{\lg n}:\{0,1{\}}^k\to \{0,1{\}}^k$ be functions. We define $G_t:\{0,1{\}}^k\to \{0,1{\}}^{2^{t}k}$ inductively by $G_0\left(x\right)=x$, $G_t\left(x\right)=\left(G_{t-1}\right(x),G_{t-1}(h_t\left(x\right)\left)\right)$.

Finally, Nisan's generator $G$ maps $\langle x,h_1,...h_{\lg n}\rangle$ into $G_{\lg n}\left(x\right)$. Here the $h_i$'s are the "descriptions" of the hash functions.

Recall that we are using the simple "$a\circ x+b$" pairwise independent hash family; the "description" of such a function is just the $2k$-bit string $\langle a,b\rangle$. Conveniently, choosing this description uniformly at random coincides with choosing $h\sim {\mathscr{H}}_k$ uniformly at random.

So finally, the seed length is $\ell =k+\left(\lg n\right)\left(2k\right)$. Since $k=O\left(\log S\right)$, this is indeed $O\left(S\log n\right)$ seed-length, as claimed. The number of output bits is in fact $nk=O\left(n\log S\right)$ (which is, as we noted, slightly more than we need).