[EMAIL PROTECTED] wrote:
So Miller-Rabin is good for testing random candidates, but it is easy to
maliciously construct an n that passes several rounds of Miller-Rabin.
Interesting! So how does one go about constructing such an n?
Maurer’s method doesn’t pick and test random candidates, rather it
constructs, in a special way, an integer that is guaranteed to be prime.
Don’t be concerned about secrecy of prime generated with Maurer’s method,
the method generates primes that are almost uniformly distributed over the
set of all numbers (this is different from another algorithm called
Shawe-Taylor, which is similar in functioning but only reaches 10% of all
primes of a specified set).
I presume you mean densely distributed over the set of all primes?
Uniform distribution isn't much use if its sparse!
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
