What would be the value in having a true prime number generator algorithm instead of a prime number test algorithm? Also, if such a thing existed, what would be the impact on not only cryptography?
Asked
Active
Viewed 142 times
1
-
2We do know algorithms that generate provable primes with about 20% overhead (IIRC) to standard methods... – SEJPM Jul 28 '16 at 20:46
-
1@SEJPM: actually, when I played around with Shawe-Taylor (which generates provable primes), it appeared to be slightly faster than the standard 'pick a random value, then test for primality by running a bunch of probabilistic tests'; I suspect that was because once ST hit a prime, it didn't have to double check a bunch of times... – poncho Jul 28 '16 at 20:50
-
@SEJPM, but aren't the algorithms which you are referring to generate primes based on functions which have a level of rounding error within them but the error is small enough not to affect the result? Btw, are these publicly known algorithms? Also, if the answer to this first question is yes, then I ask the value question again with respect to a so called "perfect" prime number generator. – Ben Jul 29 '16 at 04:19
-
1@Ben, the algorithms that are most often used are probabilistic and fail with some (very small) probability, but like SEJPM wrote, there are deterministic ones which do not have "rounding" or a chance of failure. – otus Jul 29 '16 at 04:55
-
Cryptography usually requires not only prime numbers, but randomly chosen prime numbers (ex RSA key generation). I doubt any provable prime generation algorithm can produce randomly chosen prime numbers. – kludg Jul 29 '16 at 06:42
-
One example of such an algorithm is Maurer's algorithm which can be found in the handbook of applied cryptography (PDF) along with some discussion of it. – SEJPM Jul 29 '16 at 08:50
-
I have implemented Maurer's algorithm in Python and compared it with the probabilistic method of Miller-Rabin in runtime. See s13.zetaboards.com/Crypto/topic/7234475/1/ – Mok-Kong Shen Jul 29 '16 at 10:33
-
@kludg, FIPS 186-4 shows how they expect Shawe-Taylor to be implemented for random proven prime generation. Maurer's algorithm is another alternative. The downsides are speed (depends on your language, implementation, and your comparison), slightly more complicated programming, and dropping some portion of the primes in the space (that is, only ~10% of the possible primes can be generated, but that is basically irrelevant at these sizes). – DanaJ Aug 01 '16 at 19:03