[18328] in cryptography@c2.net mail archive
Re: Fwd: Tor security advisory: DH handshake flaw
daemon@ATHENA.MIT.EDU (astiglic@okiok.com)
Mon Aug 29 11:43:00 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <4311B0CA.4070106@algroup.co.uk>
Date: Mon, 29 Aug 2005 11:37:38 -0400 (EDT)
From: astiglic@okiok.com
To: "Ben Laurie" <ben@algroup.co.uk>
Cc: cryptography@metzdowd.com
>> Don’t be concerned about secrecy of prime generated with Maurer’s
>> method,
>> the method generates primes that are almost uniformly distributed over
>> the
>> set of all numbers (this is different from another algorithm called
>> Shawe-Taylor, which is similar in functioning but only reaches 10% of
>> all
>> primes of a specified set).
>
> I presume you mean densely distributed over the set of all primes?
> Uniform distribution isn't much use if its sparse!
What I wanted to say is the method "generates primes that are close to
uniformly distributed over the set of primes in the specified interval",
as stated in Maurer's papers.  In other words, the distribution of primes
created is similar that that when using the method of picking uniformly at
random candidates in an interval and passing the Miller-Rabin test
(except, of cours, there is no probability of error (picking a
pseudo-prime)), which most crypto libraries do.
--Anton
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com