Close to Uniform Prime Number Generation with Fewer Random Bits
نویسندگان
چکیده
Abstract. In this paper, we analyze several variants of a simple method for generating prime numbers with fewer random bits. To generate a prime p less than x, the basic idea is to fix a constant q ∝ x, pick a uniformly random a < q coprime to q, and choose p of the form a+ t · q, where only t is updated if the primality test fails. We prove that variants of this approach provide prime generation algorithms requiring few random bits and whose output distribution is close to uniform, under less and less expensive assumptions: first a relatively strong conjecture by H. Montgomery, made precise by Friedlander and Granville; then the Extended Riemann Hypothesis; and finally fully unconditionally using the Barban–Davenport–Halberstam theorem.
منابع مشابه
Two-sources Randomness Extractors for Elliptic Curves
This paper studies the task of two-sources randomness extractors for elliptic curves defined over a finite field K, where K can be a prime or a binary field. In fact, we introduce new constructions of functions over elliptic curves which take in input two random points from two different subgroups. In other words, for a given elliptic curve E defined over a finite field Fq and two random points...
متن کاملThe Insecurity of the Digital Signature Algorithm withPartially
We present a polynomial-time algorithm that provably recovers the signer's secret DSA key when a few bits of the random nonces k (used at each signature generation) are known for a number of DSA signatures at most linear in log q (q denoting as usual the small prime of DSA), under a reasonable assumption on the hash function used in DSA. The number of required bits is about log 1=2 q, and can b...
متن کاملAn Efficient Discrete Log Pseudo Random Generator
The exponentiation function in a finite field of order p (a prime number) is believed to be a one-way function. It is well known that O(log log p) bits are simultaneously hard for this function. We consider a special case of this problem, the discrete logarithm with short exponents, which is also believed to be hard to compute. Under this intractibility assumption we show that discrete exponent...
متن کاملFast Generation of Prime Numbers and
A very eecient recursive algorithm for generating nearly random prov-able primes is presented. The expected time for generating a prime is only slightly greater than the expected time required for generating a pseudo-prime of the same size that passes the Miller-Rabin test for only one base. Therefore our algorithm is even faster than presently-used algorithms for generating only pseudo-primes ...
متن کاملTowards True Random Number Generation in Mobile Environments
In our paper, we analyze possibilities to generate true random data in mobile devices such as mobile phones or pocket computers. We show how to extract arguably true random data with a probability distribution = 2−64 close to the uniform distribution in the trace distance. To postprocess the random data acquired from the camera we use a randomness extractor based on the Carter-Wegman universal2...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2011 شماره
صفحات -
تاریخ انتشار 2011