Random Prime Generator/Modular Arithmetic

Re: Random Prime Generator/Modular Arithmetic

Tuvas <tuvas21@gmail. com> wrote:
...[color=blue]
> to make sure. For simpler than going to the website, I used the ranint[/color]

I assume you mean random.randint here.
[color=blue]
> function to pick a random prime number, then ran it through the miller
> rabin primality test. It's a probabalistic test, which means it isn't
> full proof, but there's still less than 1 in a million of giving a[/color]

Miller-Rabin is not the problem -- rather, random.randint might be... it
makes no claims to be cryptographical ly strong, in either the current
Mersenne implementation or the previous Wichman-Hill one. Could you
maybe use /dev/random or the like? Cfr
<http://world.std.com/~cme/P1363/ranno.html> for an introduction to the
subject. (For speed, you may want to look into gmpy.sf.net, but that's
quite a separate issue from the strength of your random numbers).


Alex

Re: Random Prime Generator/Modular Arithmetic

I have discoved that the mod function isn't quite right in dealing with
powers, but, I'll have it fixed shortly.

Re: Random Prime Generator/Modular Arithmetic

Well, the RSA element's never going to encrypt more than a small, 1
block system except under rare occasions, the primary encryption will
be AES128. Thanks for the help though!

Re: Random Prime Generator/Modular Arithmetic

Okay, the bug in my code has been fixed, it should work alot better
now... I thought I had tested the power function, but I appearently
wasn't even close... But now it works just fine.

I guess you are right, I will have to work on a better system to be
cryptologically secure. But, at least I have a start. Thanks for the
help!

Re: Random Prime Generator/Modular Arithmetic

"Tuvas" <tuvas21@gmail. com> writes:[color=blue]
> I have made and recently posted a libary I made to do Modular
> Arithmetic and Prime numbers on my website at
> http://www.geocities.com/brp13/Python/index.html . I am currently in a
> crypotology class, and am working on building a RSA public key
> cryptology system for a class project. I am building the librarys just
> to get the experience to do so.[/color]

I'm looking at


You do something for x in range(10) but you don't use x in the loop.

I'll guess you actually intended to pick some random number n and find
the closest prime p >= n. That's not a good strategy: imagine you pick
a random number n in the range 1..50. Let's say n is 14. 14 isn't
prime, so you check 15, 16, and 17. 17 is prime so you return p = 17.
You also return 17 if n is 15, 16, or 17. So the chance of your
returning p = 17 is 4/50.

What is your chance of returning p = 19? It means n has to be 18 or
19, so the chance is only 2/50. That's not good--you want all primes
to be equally likely.

Anyway, the simplest approach is:

1) get random numbers by reading characters from os.urandom() and
converting them to integers. Don't use randint which makes no attempt
at cryptographic security.

2) For each random integer (you can set the low bit to make sure it is
odd), test against some small prime divisors p (say the primes up to
1000) as a fast way to throw away some composites. If n%p == 0 for
any p, throw away n and go back to step 1.

3) If you get an n with no small divisors, do the (slow) Miller-Rabin
test. If it passes, you're done; if it fails, go back to step 1.

Re: Random Prime Generator/Modular Arithmetic

Okay, I don't know if your farmiliar with the miller-rabin primality
test, but it's what's called a probabalistic test. Meaning that trying
it out once can give fake results. For instance, if you use the number
31 to test if 561 is prime, you will see the results say that it isn't.
Mathematically, the most possible wrong answers is 1/4th of the
numbers. Thus, one should try at least 10 times (A very standard value)
in order to ensure that the number is not a psuedoprime, but indeed a
real prime number. That was the intent of the loop of 10 without using
the number.

If this test fails, it will chose another random number to test.

I could easily test with several small numbers, at least primes up to
20 would greatly reduce the number of miller-rabin tests to perform,
and would speed up the process considerably. Might as well toss it in.

Thanks for the tip on the urandom. I knew there had to be a better
random number generator somewhere. I saw lots of stuff for os specific,
but I'm trying to develop this as os independent.

Re: Random Prime Generator/Modular Arithmetic

thanks for the webpage info,
however theres a small error I found when trying to generate a prime
number with more than 300 decimal digits. It comes up with

File "prime.py", line 84, in mod_square_pow
return x*mod_square_po w(((a**2)%n),t, n,p*2)
File "prime.py", line 84, in mod_square_pow
return x*mod_square_po w(((a**2)%n),t, n,p*2)
File "prime.py", line 73, in mod_square_pow
if(p*2>t):
RuntimeError: maximum recursion depth exceeded in cmp

Have you considered this? otherwise the algorithm is rather quick for
generating large random prime numbers.
Thanks for your help

Tuvas wrote:
[color=blue]
>Okay, I don't know if your farmiliar with the miller-rabin primality
>test, but it's what's called a probabalistic test. Meaning that trying
>it out once can give fake results. For instance, if you use the number
>31 to test if 561 is prime, you will see the results say that it isn't.
>Mathematically , the most possible wrong answers is 1/4th of the
>numbers. Thus, one should try at least 10 times (A very standard value)
>in order to ensure that the number is not a psuedoprime, but indeed a
>real prime number. That was the intent of the loop of 10 without using
>the number.
>
>If this test fails, it will chose another random number to test.
>
>I could easily test with several small numbers, at least primes up to
>20 would greatly reduce the number of miller-rabin tests to perform,
>and would speed up the process considerably. Might as well toss it in.
>
>Thanks for the tip on the urandom. I knew there had to be a better
>random number generator somewhere. I saw lots of stuff for os specific,
>but I'm trying to develop this as os independent.
>
>
>[/color]

Re: Random Prime Generator/Modular Arithmetic

Hmmmm. Well, I don't know what else I could do, except for to write a
function that doesn't require recursion. Still, 300 digits isn't too
bad... I have also realized that if you try is_prime(3) it will return
false. I'll have to work on it... Thanks for the help!

Re: Random Prime Generator/Modular Arithmetic

Also you last code which looked like:

def cran_rand(min,m ax):
if(min>max):
x=max
max=min
min=x
range=round(log (max-min)/log(256))
if range==0:
range=1
num=max+1
while(num>max):
num=min+s2num(u random(range))
return num


what does s2num do? im assuming it changes string chars to ascii
decimal? Is that correct?
and i thought is_prime would work better if you listed all small primes
(<20000) and check if they are divisible by those.
Aside from that Im really interested in your cran_rand function as I
havent fully tested it out yet.
Cheers


Tuvas wrote:
[color=blue]
>Hmmmm. Well, I don't know what else I could do, except for to write a
>function that doesn't require recursion. Still, 300 digits isn't too
>bad... I have also realized that if you try is_prime(3) it will return
>false. I'll have to work on it... Thanks for the help!
>
>
>[/color]

Re: Random Prime Generator/Modular Arithmetic

Yep, you guessed correctly about the s2num function, I knew I should
have put a bit more.. It just converts an ascii string to a number,
however many numbers that are nessicary. I could indeed check for all
primes below a certain number, however, it still seems to run quite
fast, at least to a 400 digit number. It's not something I'm going to
use a ton, so optimizing it might not be worth it much more than it is.
Perhaps I'll try all primes at least up to 100, that wouldn't be too
bad... Maybe I'll have to modify my old prime string to output the
python command to check all of them, it's a bit of a pain the whole if
0 in (n%2, n%3) stuff, and I can't think of a better way to do it
without writing a new function to do so.
I'm going to post the new code in just a minute, it's running quite
nicely. I'm also posting my RSA function, which I believe should be
secure enough. I'm uploading the code to them now, the HTML page'll be
a few minutes...

Re: Random Prime Generator/Modular Arithmetic

Also I think the snippet code [p for p in range(2,N) if 0 not in
[pow(w,p-1,p)==1 for w in [2, 3, 5, 7, 11] if p>w]] is probably nicer to
generate a list of primes for up to N (instead of hard coded)
Aside from that looks nice.
Thanks

Tuvas wrote:
[color=blue]
>Yep, you guessed correctly about the s2num function, I knew I should
>have put a bit more.. It just converts an ascii string to a number,
>however many numbers that are nessicary. I could indeed check for all
>primes below a certain number, however, it still seems to run quite
>fast, at least to a 400 digit number. It's not something I'm going to
>use a ton, so optimizing it might not be worth it much more than it is.
>Perhaps I'll try all primes at least up to 100, that wouldn't be too
>bad... Maybe I'll have to modify my old prime string to output the
>python command to check all of them, it's a bit of a pain the whole if
>0 in (n%2, n%3) stuff, and I can't think of a better way to do it
>without writing a new function to do so.
>I'm going to post the new code in just a minute, it's running quite
>nicely. I'm also posting my RSA function, which I believe should be
>secure enough. I'm uploading the code to them now, the HTML page'll be
>a few minutes...
>
>
>[/color]

Re: Random Prime Generator/Modular Arithmetic

Actually, it wasn't very nice, it returned composites instead of
primes... There was alot of little bugs, I'm glad I checked it again.
The new code once again is uploaded, the previews are on their way... I
did set up a system to check for primality up to 1000, I think any more
than that and it will become conter-productive.

Re: Random Prime Generator/Modular Arithmetic

Although, I have to brag quickly, adding in this simple prime check
speed up the algorithm to the point that it's actually faster to find a
prime number with my program than to verify a number prime with
GP/PARI, so, I feel good.

Re: Random Prime Generator/Modular Arithmetic

Tuvas wrote:[color=blue]
> Okay, I don't know if your farmiliar with the miller-rabin primality
> test,[/color]

Paul is familiar with it. When he referred to your Miller-Rabin
test, he meant all the rounds.
[color=blue]
> but it's what's called a probabalistic test. Meaning that trying
> it out once can give fake results.[/color]

In the sense that some composites will pass as prime for some
bases.

[color=blue]
> For instance, if you use the number
> 31 to test if 561 is prime, you will see the results say that it isn't.[/color]

That's not an instance of a fake result; Miller-Rabin has that
one right. When Miller-Rabin says a number is composite, it is
always correct.


Your current Miller-Rabin test, in



in method Mod.is_strong_p seudo_prime(), looks buggy. Obviously
you want "cut()" not "cut", and "if 1:" cannot fail. In my opinion,
the Mod class is not such a good idea; just use functions.


Note that Python has modular exponentiation built in.

pow(base, power, modulus)

with positive integer arguments will return base**power % modulus.


Finally, though most introductory crypto courses don't cover it,
RSA requires "padding" of the plaintext data. Google RSA + Padding
for more. Or ask on sci.crypt.


--
--Bryan