Goldreich's PRG: Evidence for Near-Optimal Polynomial Stretch

Furthering the study of cryptography in constant parallel time, we give new evidence for the security of Gold Reich's candidate pseudorandom generator with near-optimal, polynomial stretch. Our evidence consists both of security against sub exponential-time linear attacks as well as sub exponential-time attacks using SDP hierarchies such as Sherali-Adams+ and Lasserre/Parrilo. More specifically, instantiating Gold Reich's generator with the 5-ary \"Tri-Sum-And\" predicate, we get a candidate 5-local PRG which is secure against both linear attacks and attacks based on the Lasserre/Parrilo SDP hierarchy. Previous works with such small locality gave polynomially less stretch and were only shown to be secure against linear attacks. Our result is essentially optimal, as known SDP/spectral techniques show the generator would not be secure if its stretch was higher by any polynomial factor. More generally, we show that (a slight variant of) Gold Reich's generator can have stretch increasing with the degree of the smallest nonzero Fourier coefficient of the predicate while resisting sub exponential-time attacks based on the Sherali-Adams+ SDP hierarchy. Again, the dependence on the degree is (potentially) optimal due to known SDP/spectral methods which succeed at any polynomially higher stretch. Finally, for a large family of predicates we also extend this result to security against the much stronger Lasserre/Parrilo SDP hierarchy.