Re: java.security expert?
From: Andrew Haley
Subject: Re: java.security expert?
Date: Thu, 11 Mar 2004 11:02:25 +0000
Johan Peeters writes:
>
> The guarantee that the result is prime seems rather weak considering
> that isProbablePrime() is called with argument 1. Assuming that the
> likelihood that steps 1 to 6 come up with a prime is about 1/2,
It isn't. Ron Rivest conjectures [1] that the probability of finding
a randomly chosen 256-bit pseudoprime is less than 1 in 10^22.
However, the Miller-Rabin test that we use in BigInteger.java isn't
fooled by pseudoprimes in any case. The code there uses Miller-Rabin
to provide an error probability of less than 1 in 2^80. (Which
doesn't meet the spec, as the doc says.)
There isn't any need to pass isProbablePrime() anything other than 1.
The comment "See IEEE P1363" really won't do. We need some
description of the algorithm here.
Andrew.
[1] http://theory.lcs.mit.edu/~rivest/Rivest-FindingFourMillionLargeRandomPrimes.ps
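
Added example, not part of the original message and not the code in BigInteger.java: a sketch of why Miller-Rabin is not fooled by the Fermat pseudoprimes discussed above, and how repeated rounds reach a 2^-80 bound (each random-base round errs with probability at most 1/4, so 40 rounds give 4^-40 = 2^-80). The class and method names are hypothetical, and the round count of 40 is an assumption chosen to match that bound.

```java
import java.math.BigInteger;
import java.security.SecureRandom;

public class MillerRabinDemo {
    static final BigInteger ONE = BigInteger.ONE, TWO = BigInteger.valueOf(2);

    // Fermat test: a^(n-1) == 1 (mod n). Fermat pseudoprimes pass this.
    static boolean fermatPasses(BigInteger n, BigInteger a) {
        return a.modPow(n.subtract(ONE), n).equals(ONE);
    }

    // One Miller-Rabin round for odd n > 3; false means a proves n composite.
    static boolean millerRabinPasses(BigInteger n, BigInteger a) {
        BigInteger nMinus1 = n.subtract(ONE);
        int s = nMinus1.getLowestSetBit();          // n-1 = 2^s * d, d odd
        BigInteger x = a.modPow(nMinus1.shiftRight(s), n);
        if (x.equals(ONE) || x.equals(nMinus1)) return true;
        for (int i = 1; i < s; i++) {
            x = x.multiply(x).mod(n);
            if (x.equals(nMinus1)) return true;
            if (x.equals(ONE)) return false;        // nontrivial square root of 1
        }
        return false;
    }

    // Repeated rounds with random bases in [2, n-2]; error bound is 4^-rounds.
    static boolean probablyPrime(BigInteger n, int rounds, SecureRandom rnd) {
        if (n.compareTo(TWO) < 0) return false;
        if (n.compareTo(BigInteger.valueOf(4)) < 0) return true;   // 2 and 3
        if (!n.testBit(0)) return false;                           // even
        for (int i = 0; i < rounds; i++) {
            BigInteger a;
            do { a = new BigInteger(n.bitLength(), rnd); }
            while (a.compareTo(TWO) < 0 || a.compareTo(n.subtract(TWO)) > 0);
            if (!millerRabinPasses(n, a)) return false;
        }
        return true;
    }

    public static void main(String[] args) {
        SecureRandom rnd = new SecureRandom();
        // Constructed inputs: Carmichael numbers 561 and 1729, 2047 = 23 * 89
        // (a strong pseudoprime to base 2 only), and the prime 104729.
        for (long v : new long[] {561, 1729, 2047, 104729}) {
            BigInteger n = BigInteger.valueOf(v), three = BigInteger.valueOf(3);
            System.out.printf("%d fermat(2)=%b mr(2)=%b mr(3)=%b mr x40=%b%n", v,
                fermatPasses(n, TWO), millerRabinPasses(n, TWO),
                millerRabinPasses(n, three), probablyPrime(n, 40, rnd));
        }
    }
}
```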