Fwd: Tor security advisory: DH handshake flaw
astiglic at okiok.com
astiglic at okiok.com
Mon Aug 29 11:37:38 EDT 2005
>> Don’t be concerned about secrecy of prime generated with Maurer’s
>> method,
>> the method generates primes that are almost uniformly distributed over
>> the
>> set of all numbers (this is different from another algorithm called
>> Shawe-Taylor, which is similar in functioning but only reaches 10% of
>> all
>> primes of a specified set).
>
> I presume you mean densely distributed over the set of all primes?
> Uniform distribution isn't much use if its sparse!
What I wanted to say is the method "generates primes that are close to
uniformly distributed over the set of primes in the specified interval",
as stated in Maurer's papers. In other words, the distribution of primes
created is similar that that when using the method of picking uniformly at
random candidates in an interval and passing the Miller-Rabin test
(except, of cours, there is no probability of error (picking a
pseudo-prime)), which most crypto libraries do.
--Anton
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list