METHOD OF GENERATING PROVEN PRIME NUMBERS SUITABLE FOR BEING IMPLEMENTED IN A SMART CARD
First Claim
Patent Images
1. An encryption method implemented in an electronic device, the method comprising steps of:
- generating a candidate prime number from another prime number using the following formula;
Pr=2P·
R+1where Pr is the candidate prime number, P is a prime number having a number of bits lower than a desired number of bits of the candidate prime number, and R is an integer,applying the Pocklington primality test to the candidate prime number, andsupplying the candidate prime number as proven prime number if it passes the Pocklington test,wherein the size in number of bits of the candidate prime number is equal to three times the size of the prime number, to within one unit, the method comprising steps of calculating a quotient of an integer division of the integer by the prime number, and of rejecting the generated candidate prime number if the quotient of the integer division of the integer by the prime number is even.
4 Assignments
0 Petitions
Accused Products
Abstract
The invention relates to a method for generating a prime number, implemented in an electronic device, the method including steps of generating a prime number from another prime number using the formula Pr=2P·R+1, where P is a prime number having a number of bits lower than that of the candidate prime number, and R is an integer, and applying the Pocklington primality test to the candidate prime number, the candidate prime number being proven if it passes the Pocklington test. According to the invention, the size in number of bits of the candidate prime number is equal to three times the size of the prime number, to within one unit, the generated candidate prime number being retained as candidate prime number only if the quotient of the integer division of the integer by the prime number is odd.
8 Citations
19 Claims
-
1. An encryption method implemented in an electronic device, the method comprising steps of:
-
generating a candidate prime number from another prime number using the following formula;
Pr=2P·
R+1where Pr is the candidate prime number, P is a prime number having a number of bits lower than a desired number of bits of the candidate prime number, and R is an integer, applying the Pocklington primality test to the candidate prime number, and supplying the candidate prime number as proven prime number if it passes the Pocklington test, wherein the size in number of bits of the candidate prime number is equal to three times the size of the prime number, to within one unit, the method comprising steps of calculating a quotient of an integer division of the integer by the prime number, and of rejecting the generated candidate prime number if the quotient of the integer division of the integer by the prime number is even. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
8. Method according to claim 1, comprising steps of generating the integer from an invertible number belonging to a set of invertible elements modulo a product of numbers belonging to a group of small prime numbers greater than 2, so that the candidate prime number is not divisible by any number of the group, the prime number P having a number of bits equal to within one bit to a third of the desired number of bits of the candidate prime number.
-
9. Method of claim 8, wherein the integer is chosen equal to:
-
R=X−
((2P)−
1 mod Π
v)+Z·
Π
v,X being an invertible number modulo the product of the prime numbers of the group, P being the prime number, and Z being an integer chosen so that the number R has a size such that the candidate prime number has the desired number of bits.
-
-
10. Method according to claim 8, wherein the integer is chosen so as to be even and so that the remainder of its integer division by the prime number is odd.
-
11. Method according to claim 8, wherein the integer is chosen equal to:
-
R=K+(K mod
2)P·
Π
v+2P·
Z·
Π
v,where K=(((X−
(2P)−
1−
S)/P) mod Π
v)P+S, S being the remainder of the integer division of the integer R by the prime number P, X being an invertible number modulo the product Π
v of the prime numbers of the group, P being the prime number, and Z being an integer chosen so that the number R has a size such that the candidate prime number has the desired number of bits.
-
-
12. Method according to claim 8, wherein if the candidate prime number does not pass the Pocklington primality test, it comprises steps of generating a new candidate prime number by adding to the candidate prime number a multiple of the invertible number modulo the product, the multiple not being divisible by one of the numbers forming the product, and applying the Pocklington primality test to the new candidate prime number.
-
13. Method according to claim 8, wherein the invertible number is generated by searching for an invertible candidate number X lower than the product fly verifying the following equation:
-
Xλ
Π
v=1 mod Π
v,λ
Π
v being the Carmichael number of the set of invertible elements modulo the product Π
v.
-
-
14. Method according to claim 13, wherein an invertible candidate number is randomly chosen at a value lower than the product Π
- v and incremented by one or the quantity B (1−
Xλ
Π
v mod Π
v) until it verifies the equation;
Xλ
Π
v=1 mod Π
v,B being an integer randomly chosen between one and the product Π
v.
- v and incremented by one or the quantity B (1−
-
15. Method according to claim 14, wherein the generation of the first prime number comprises steps of:
-
randomly choosing a number formed of the reduced number of bits, and applying to the chosen number a limited set of Miller-Rabin tests (MRA, A=2, 7, 61;
3, 5, 7, 11, 13,
17) in different bases, until the chosen number passes the set of Miller-Rabin tests, the maximum number of bits and the values of the bases being chosen to prove the primality of the first prime number.
-
-
16. Method according to claim 15, wherein the Miller-Rabin tests applied to the randomly chosen number are performed in bases 2, 7 and 61 with a maximum number of bits, chosen lower than or equal to 32, or in bases 2, 3, 5, 7, 11, 13 and 17, with a maximum number of bits chosen lower than or equal to 48.
-
17. Method according to claim 1, comprising a step of generating an encryption key from the supplied proven prime number.
-
18. An electronic device comprising a calculation block to execute multiplications of large numbers and/or modular exponentiation operations,
wherein it is configured to implement the method of claim 1. -
19. An integrated circuit on semiconductor chip, comprising a device according to claim 18.
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeRambus Inc.
-
Original AssigneeInside Secure SA
-
InventorsFeix, Benot, Clavier, Christophe, Paillier, Pascal, Thierry, Loc
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current708/446
-
CPC Class CodesG06F 17/11 for solving equations , e.g...G06F 2207/7204 Prime number generation or ...G06F 7/58 Random or pseudo-random num...G06F 7/72 using residue arithmeticH04L 2209/24 Key scheduling, i.e. genera...H04L 9/0816 Key establishment, i.e. cry...H04L 9/0869 involving random numbers or...
