[Cryptography] Generating random values in a particular range
Kent Borg
kentborg at borg.org
Sat Aug 6 10:37:00 EDT 2016
On 08/05/2016 03:39 PM, Jerry Leichter wrote:
> So there's always the other classic technique: Generate the random value; if it's less than N, keep it; otherwise try again.
>
> Guess what: The use of that second technique *for generating a random element of a group of order q for use in cryptograpnhy* is the subject of a patent, filed in 2000, https://www.google.com/patents/US7372961. Blackberry is asserting it (among others that I haven't looked at) against Avaya.
God, there must be plenty of prior art on this. I think I almost have
some in materials I generated for a class I taught at the Boston
Computer Society back in the late '80s--except I used the first
technique and then explained it was biased, probably never wrote down
the second.
-kb, the software engineer Kent who is proud to have no patents in his
name because software patents are basically all crap, except now-expired
RSA and maybe a few others.
More information about the cryptography
mailing list