Pseudorandom codes are error-correcting codes with the property that no efficient adversary can distinguish encodings from uniformly random strings. They were recently introduced by Christ and Gunn [CRYPTO 2024] for the purpose of watermarking the outputs of randomized algorithms, such as generative AI models. Several constructions of pseudorandom codes have since been proposed, but none of them are robust to error channels that depend on previously seen codewords. This stronger kind of robustness is referred to as adaptive robustness, and it is important for meaningful applications to watermarking. In this work, we show the following. - Adaptive robustness: We show that the pseudorandom codes of Christ and Gunn are adaptively robust, resolving a conjecture posed by Cohen, Hoover, and Schoenbach [S&P 2025]. - Ideal security: We define an ideal pseudorandom code as one which is indistinguishable from the ideal functionality, capturing both the pseudorandomness and robustness properties in one simple definition. We show that any adaptively robust pseudorandom code for single-bit messages can be bootstrapped to build an ideal pseudorandom code with linear information rate, under no additional assumptions. - CCA security: In the setting where the encoding key is made public, we define a CCA-secure pseudorandom code in analogy with CCA-secure encryption. We show that any adaptively robust public-key pseudorandom code for single-bit messages can be used to build a CCA-secure pseudorandom code with linear information rate, in the random oracle model. These results immediately imply stronger robustness guarantees for generative AI watermarking schemes, such as the practical quality-preserving image watermarks of Gunn, Zhao, and Song (2024).

翻译：伪随机码是一种纠错码，其特性在于任何高效敌手均无法区分其编码与均匀随机字符串。Christ与Gunn[CRYPTO 2024]近期引入该概念，旨在为随机化算法（如生成式人工智能模型）的输出添加水印。此后虽已提出多种伪随机码构造方案，但尚无一种能抵抗依赖于历史码字的错误信道。此类更强的鲁棒性被称为自适应鲁棒性，对于水印技术的实际应用至关重要。本工作取得以下成果：- 自适应鲁棒性：我们证明Christ与Gunn提出的伪随机码具有自适应鲁棒性，解决了Cohen、Hoover与Schoenbach[S&P 2025]提出的猜想。- 理想安全性：我们定义理想伪随机码为与理想功能不可区分的编码方案，通过简洁定义同时涵盖伪随机性与鲁棒性。我们证明在无需额外假设条件下，任何针对单比特消息的自适应鲁棒伪随机码均可通过自举技术构建具有线性信息率的理想伪随机码。- CCA安全性：在编码密钥公开的场景下，我们类比CCA安全加密定义了CCA安全伪随机码。我们证明在随机预言机模型中，任何针对单比特消息的自适应鲁棒公钥伪随机码均可用于构建具有线性信息率的CCA安全伪随机码。这些结论直接强化了生成式人工智能水印方案（如Gunn、Zhao与Song[2024]提出的保质量图像水印方案）的鲁棒性保证。