In article <[EMAIL PROTECTED]> you wrote:
> I've noticed that there is some mention of strong primes in the
> documentation. How are stong primes generated in OpenSSL?
AFAIK the stuff basically works this way:
In a loop per iteration a large enough random number is choosen and tested
against various criteria (called witnesses in this context) which are both
dependent of random test values and checks for use-case-dependent problems
(for DH, etc.). When no witnesses say it's not a prime we can assume the
number is a prime, at least with some probability. To make the decision better
(to decrease the probability that the number isn't a prime) the witness-tests
are usually repeated. Internally a lot of other tricks are done (Montgomery
multiplication algorithm) to speed up the process, of course. Additionally the
mathematics of the witness-tests in such randomized algorithms for
prime-generation range from trivial to horrible complex (both to understand
and proof, of course).
I hope I've summarized it mostly ok. When not, please complain. I've not
looked at the code for longer time now and just repeated my knowledge of the
past about this stuff in OpenSSL.
> I ask because I have some code (somewhere!) that implements the
> Williams-Schmid method for creating these primes by construction.
By construction? Interesting. I always thought there is no efficient
construction process possible for prime-number generation, isn't it?
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
