[Cryptography] Need a list of Solinas/pseudo Mersene Primes.

Phillip Hallam-Baker phill at hallambaker.com
Fri Aug 31 14:22:07 EDT 2018 

On Fri, Aug 31, 2018 at 1:41 PM Viktor Dukhovni <cryptography at dukhovni.org>
wrote:

>
>
> > On Aug 31, 2018, at 12:05 PM, Phillip Hallam-Baker <
> phill at hallambaker.com> wrote:
> >
> > The way that I drafted the spec, it requires the number of bits to be a
> multiple of 8 and the prime to be the largest prime that is smaller than
> the next power of two. Thus, folk can apply the spec to secrets of any
> length without re-writing the spec.
> >
> > I am considering changing this to require the number of bits to be a
> multiple of 32 and giving the primes for use with up to 512 bits.
>
> For $2^{32k+1}-n$ prime with $n$ minimal, the values are:
>
>         •  2^33 -   9
>         •  2^65 -  49
>         •  2^97 - 141
>         • 2^129 -  25
>         • 2^161 - 159
>         • 2^193 -  31
>         • 2^225 -  49
>         • 2^257 -  93
>         • 2^289 - 493
>         • 2^321 -   9
>         • 2^353 - 139
>         • 2^385 - 265
>         • 2^418 -  29
>         • 2^449 - 241
>         • 2^481 - 273
>         • 2^513 - 445
>
> [ via "x=33;x=x+32;x<=513;x*1000 + (1 SHL x) - B(1 SHL x)" plugged into
>   https://www.alpertron.com.ar/ECM.HTM ]
>

Awesome thanks!

Writing these docs is a real bear and being able to ask folk for answers to
this type of thing allows me to keep focused on the other bits.

While we are at it, if someone could recommend a good algorithm
implementable in C# for point addition on Montgomery curves, that would be
very helpful. I found this:

https://www.hyperelliptic.org/EFD/g1p/auto-montgom-xz.html

The reason this is needed is that I am using the key combination and result
combination properties of DH systems to support Recryption and key
combination.

Right now I am using Ed448 for encryption because the libraries define
point addition. I do not have code that implements point addition for
Montgomery curves.

I have something close to code but it needs generic functions that are
common in numeric tools like Mathematica but are not found in C or python
which is what I need for a spec
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20180831/f0d982d2/attachment.html>

More information about the cryptography mailing list