[Cryptography] Generating random values in a particular range
John-Mark Gurney
jmg at funkthat.com
Tue Aug 16 15:00:42 EDT 2016
John Levine wrote this message on Sat, Aug 06, 2016 at 15:08 -0000:
> >> Guess what: The use of that second technique *for generating a random
> >> element of a group of order q for use in cryptograpnhy* is the subject of a
> >> patent, filed in 2000, https://www.google.com/patents/US7372961.
> >> Blackberry is asserting it (among others that I haven't looked at) against
> >> Avaya.
>
> It's not quite that simple -- there's a hash step before deciding
> whether to throw the value away. But I agree that's stupendously
> obvious for 2000.
>
> The hard part with these really obvious patents is finding someone who
> documented the technique before the priority date. Since it's
> obvious, why bother to write it up?
This looks very close to the way RFC 2631 specifies how to generate
DH parameters.
https://www.ietf.org/rfc/rfc2631.txt
Only difference there is that they just say an arbitrary bit string,
instead of seeding from random.
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
More information about the cryptography
mailing list