[Cryptography] Generating random values in a particular range

Kent Borg kentborg at borg.org
Sat Aug 6 10:37:00 EDT 2016


On 08/05/2016 03:39 PM, Jerry Leichter wrote:
> So there's always the other classic technique:  Generate the random value; if it's less than N, keep it; otherwise try again.
>
> Guess what:  The use of that second technique *for generating a random element of a group of order q for use in cryptograpnhy* is the subject of a patent, filed in 2000, https://www.google.com/patents/US7372961.  Blackberry is asserting it (among others that I haven't looked at) against Avaya.

God, there must be plenty of prior art on this. I think I almost have 
some in materials I generated for a class I taught at the Boston 
Computer Society back in the late '80s--except I used the first 
technique and then explained it was biased, probably never wrote down 
the second.

-kb, the software engineer Kent who is proud to have no patents in his 
name because software patents are basically all crap, except now-expired 
RSA and maybe a few others.



More information about the cryptography mailing list