On linear-size pseudorandom generators and hardcore functions.

We consider the question of constructing pseudorandom generators that simultaneously have linear circuit complexity (in the output length), exponential security (in the seed length), and a large stretch (linear or polynomial in the seed length). We refer to such a pseudorandom generator as an asymptotically optimal PRG. We present a simple construction of an asymptotically optimal PRG from any one-way function f:{0,1}n→{0,1}n which satisfies the following requirements:1.f can be computed by linear-size circuits;2.f is 2βn-hard to invert, for some constant β>0;3.f either has high entropy, in the sense that the min-entropy of f(x) on a random input x is at least γn where β/3+γ>1, or alternatively it is regular in the sense that the preimage size of every output of f is fixed. Known constructions of PRGs from one-way functions can do without the entropy or regularity requirements, but they achieve slightly sub-exponential security (Vadhan and Zheng (2012) [27]).