Patent•
Prime number generation method, prime number generation apparatus, and cryptographic system
24 Nov 1999-
TL;DR: A prime number generation method for efficiently generating prime numbers that are highly resistant to the P−1 and P+1 methods was proposed in this article. But this method requires the prime candidate P′ is generated using odd random numbers, and only those prime candidates P′ that do not satisfy that condition are subjected to the prime number judgment.
Abstract: A prime number generation method for efficiently generating prime numbers that are highly resistant to the P−1 and P+1 methods. These prime numbers are used in a cryptosystem. Prime candidates are first generated, and the generated prime candidates are subjected to prime number judgment by either a probabilistic primality testing method or a deterministic primality testing method. A prime candidate P′ is generated using odd random numbers, a judgment is made as to whether or not that prime candidate P′ satisfies the expression P′≡0, ±1 (mod p i ) (where 3≦i≦n) for prime numbers from p 3 to p n (where p n is the n'th prime). When that expression is satisfied, that prime candidate P′ is excluded. Only those prime candidates P′ that do not satisfy that condition are subjected to the prime number judgment.
Citations
More filters
Patent•
27 Sep 2001
TL;DR: In this paper, a method for determining an optimal number k of prime factors p1, p2,... pk for developing a modulus N for use in a cryptographic system providing computational performance that increases as the number of constituent prime factors of the modulus increases.
Abstract: A method provided for determining an optimal number k of prime factors p1, p2, . . . pk for developing a modulus N for use in a cryptographic system providing computational performance that increases as the number of constituent prime factors of the modulus increases, wherein use of the optimal number k of prime factors enables the system to provide optimal computational performance while maintaining a determined level of security.
17 citations
Patent•
21 Dec 2004TL;DR: In this paper, a prime calculating apparatus is used to determine whether a prime has been duly generated by generating a random number from a management identifier, and then the prime candidate is judged whether it is a prime.
Abstract: A prime calculating apparatus calculating a prime and determining whether the prime has been duly generated The prime calculating apparatus (i) generates a random number, (ii) calculates a multiplication value R by multiplying a management identifier by the random number, and (iii) calculates a prime candidate N, according to N=2×(multiplication value R+w)×prime q+1, with respect to w satisfying an equation of 2×w×prime q+1=verification value (mod management information) Then, the prime calculating apparatus judges whether the calculated prime candidate N is a prime, and outputs the calculated prime candidate N as a prime when determining that it is a prime
12 citations
Patent•
31 Jul 2003TL;DR: In this paper, a method and system for generating prime numbers and testing for primality of an integer is presented. But the primality tester can also be used independent of the random number generator and can be input via a user interface.
Abstract: A method and system for generating prime numbers and testing for primality of an integer. This invention has applicability to “public key” and other encryption techniques that play an important role in the security of information technology and electronic commerce. Generation of prime numbers requires the step of testing the pnmality. The method includes a deterministic test for testing the primality of a number in polynomial time. The system includes a random number generator and a primality tester. The random number generator generates a random number and the primality tester tests the primality of this random number. The primality tester can also be used independent of the random number generator. In such a case, the number whose primality is to be tested can be input via a user interface.
12 citations
Patent•
29 Oct 2002
TL;DR: In this article, a mod remainder table is initialized for the candidate prime number using conventional mod operations and all mod remainder entries in the table are non-zero, the candidate number is tested for primality.
Abstract: A method, apparatus, and article of manufacture provide the ability to rapidly generate a large prime number to be utilized in a cryptographic key of a cryptographic system. A candidate prime number is determined and a mod remainder table is initialized for the candidate prime number using conventional mod operations. If all mod remainder entries in the table are non-zero, the candidate number is tested for primality. If the candidate prime number tests positive for primality, the candidate number is utilized in a cryptographic key of a cryptographic system. If any of the table entries is zero, the candidate number and each mod remainder entry are decremented/incremented. If any mod remainder entry is less than zero or greater than the corresponding prime number, the corresponding prime number is added/subtracted to/from the mod remainder. The process then repeats until a satisfactory number is obtained.
12 citations
Patent•
26 May 2010TL;DR: In this article, a method for protecting a generation, by an electronic circuit, of at least one prime number by testing the prime character of successive candidate numbers, including: for each candidate number: the calculation of a reference number involving at least first random number, and for a candidate number having successfully passed the primality test: a test of consistency between the candidate number and its reference number.
Abstract: A method for protecting a generation, by an electronic circuit, of at least one prime number by testing the prime character of successive candidate numbers, including: for each candidate number: the calculation of a reference number involving at least one first random number, and at least one primality test based on modular exponentiation calculations; and for a candidate number having successfully passed the primality test: a test of consistency between the candidate number and its reference number.
8 citations
References
More filters
Book•
01 Jan 1996TL;DR: A valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography, this book provides easy and rapid access of information and includes more than 200 algorithms and protocols.
Abstract: From the Publisher:
A valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography, this book provides easy and rapid access of information and includes more than 200 algorithms and protocols; more than 200 tables and figures; more than 1,000 numbered definitions, facts, examples, notes, and remarks; and over 1,250 significant references, including brief comments on each paper.
13,597 citations
Patent•
02 Oct 1992
TL;DR: In this article, the authors proposed an elliptic curve cryptosystem that uses elliptic curves defined over finite fields comprised of special classes of numbers to optimize the modulo arithmetic required in the enciphering and deciphering process.
Abstract: The present invention is an elliptic curve cryptosystem that uses elliptic curves defined over finite fields comprised of special classes of numbers. Special fast classes of numbers are used to optimize the modulo arithmetic required in the enciphering and deciphering process. The class of numbers used in the present invention is generally described by the form 2 q -C where C is an odd number and is relatively small, for example, no longer than the length of a computer word (16-32 bits). When a number is of this form, modulo arithmetic can be accomplished using shifts and adds only, eliminating the need for costly divisions. One subset of this fast class of numbers is known as "Mersenne" primes, and are of the form 2 q -1. Another class of numbers that can be used with the present invention are known as "Fermat" numbers of the form 2 q +1. The present invention system whose level of security is tunable. q acts as an encryption bit depth parameter, such that larger values of q provide increased security. Inversion operations normally require an elliptic curve algebra can be avoided by selecting an inversionless parameterization of the elliptic curve. Fast Fourier transform for an FFT multiply mod operations optimized for efficient Mersenne arithmetic, allow the calculations of very large q to proceed more quickly than with other schemes.
180 citations
Patent•
RSA1
TL;DR: A key pair can be shown to be cryptographically strong by demonstrating that its modulus N is the product of two relatively large prime numbers as discussed by the authors, and that N is cryptographically secure against Pollard factoring, Williams factoring attacks, Bach-Shallit factoring attack, and weighted difference of squares factoring.
Abstract: Methods and apparatus are disclosed for demonstrating that a public/private key pair is cryptographically strong without revealing information sufficient to compromise the private key. A key pair can be shown to be cryptographically strong by demonstrating that its modulus N is the product of two relatively large prime numbers. In addition, a key pair can be shown to be cryptographically strong by demonstrating that N is cryptographically strong against Pollard factoring attacks, Williams factoring attacks, Bach-Shallit factoring attacks, and weighted difference of squares factoring attacks.
125 citations
Patent•
15 Dec 1980
TL;DR: A public-key data encryption system employing RSA public key data encryption including a message encrypter capable of encrypting messages using a non-secret encryption key, and an encryption-decryption key generator, including a microprocessor or other large-scale integrated circuit or circuits formed to generate a sequence of prime numbers as discussed by the authors.
Abstract: A public-key data encryption system employing RSA public-key data encryption including a message encrypter capable of encrypting messages using a non-secret encryption key, a transmitter-receiver coupled to the message encrypter which transmits or receives an encrypted message to or from a remote location, the transmitter-receiver also being coupled to a decrypter capable of decrypting a received encrypted message using a decryption key which is a secret input to the decrypter, and an encryption-decryption key generator, including a microprocessor or other large-scale integrated circuit or circuits formed to generate a sequence of prime numbers beginning with a selected known prime number having a length relatively short with respect to the desired length of the last in the sequence of prime numbers, and which is constructed to form the sequence of prime numbers in the form hP+1 where P is the preceding prime number in the sequence, and to test hP+1 for primality by first determining if hP+1 has a GCD of 1 with x, wherein x is a composite number consisting of the product of all known prime numbers less than or equal to a pre-selected known prime number and if the GCD is not equal to 1, incrementing h to form a new hP+1 to be tested for a GCD equal to 1, and when a GCD is found to be 1, performing the primality tests to determine whether 2 hP ≡1 [mod (hP+1)] and 2 h ≢1 [mod (hP+1)], and if either 2 hP ≢1 [mod (hP+1)] or 2 h ≡1 [mod (hP+1)] further incrementing h and so on until a prime is found in this manner and then determining if the length of the prime number is of or greater than the desired length. If the hP+1 which has been determined to be prime is not of the desired length, hP+1 is placed in the sequence of prime numbers and a new h selected to be used to find the next prime number in the sequence in accordance with the above described procedure by forming a new hP+1 in which P is the previously determined prime number in the sequence of prime numbers. When a prime number in the sequence of prime numbers is found which is of the desired length it is input into the encryption-decryption key generator for generating the RSA public-key encryption and decryption keys.
124 citations
TL;DR: A very efficient recursive algorithm for generating nearly random provable primes and a detailed analysis of the iterated encryption attack on the RSA public-key cryptosystem is presented.
Abstract: A very efficient recursive algorithm for generating nearly random provable primes is presented. The expected time for generating a prime is only slightly greater than the expected time required for generating a pseudoprime of the same size that passes the Miller-Rabin test for only one base. Therefore our algorithm is even faster than algorithms presently used for generating only pseudoprimes because several Miller-Rabin tests with independent bases must be applied for achieving a sufficient confidence level. Heuristic arguments suggest that the generated primes are close to uniformly distributed over the set of primes in the specified interval.
Security constraints on the prime parameters of certain cryptographic systems are discussed, and in particular a detailed analysis of the iterated encryption attack on the RSA public-key cryptosystem is presented. The prime-generation algorithm can easily be modified to generate nearly random primes or RSA-moduli that satisfy these security constraints. Further results described in this paper include an analysis of the optimal upper bound for trial division in the Miller-Rabin test as well as an analysis of the distribution of the number of bits of the smaller prime factor of a random k-bit RSA-modulus, given a security bound on the size of the two primes.
94 citations