Discussion about math, puzzles, games and fun. Useful symbols: ÷ × ½ √ ∞ ≠ ≤ ≥ ≈ ⇒ ± ∈ Δ θ ∴ ∑ ∫ π -¹ ² ³ °

You are not logged in.

- Topics: Active | Unanswered

**calccrypto****Member**- Registered: 2010-03-06
- Posts: 96

given:

Choose an L-bit prime modulus p such that p1 is a multiple of q.

what is the best way to find p that is both prime and (p-1) mod q = 0? right now, im doing the brute force way of:

```
q is some big prime number
p = randint(3,2^L) # i guess the bit size can be ignored for the moment
p = q * (1 + p/q) + 1 # since the values are ints, p/q is really floor(p/q). this gets a value that is a (multiple of q) +1, like q = 7 ->p = 3*7 +1 = 22
while p is not prime: # the testing function is MillerRabin
p = p - q
```

testing is taking forever, but since im terrible at reading other people's codes, ive been unable to find out how other people programed this to work very fast

Visit calccrypto.wikidot.com for detailed descriptions of algorithms and other crypto related stuff (not much yet, so help would be appreciated).

Offline

**bobbym****Administrator**- From: Bumpkinland
- Registered: 2009-04-12
- Posts: 96,616

Hi calccrypto;

A question: Is randint(a,b) that you are using a python command? If so what does it return?

**In mathematics, you don't understand things. You just get used to them.**

**If it ain't broke, fix it until it is.**

**Online**

**calccrypto****Member**- Registered: 2010-03-06
- Posts: 96

well the entire code block is just a pseudo code, but randint (which is also a legitimate command) is supposed to returns a random integer between a and b, inclusive. the real code is barely any different

Visit calccrypto.wikidot.com for detailed descriptions of algorithms and other crypto related stuff (not much yet, so help would be appreciated).

Offline

**bobbym****Administrator**- From: Bumpkinland
- Registered: 2009-04-12
- Posts: 96,616

Hi;

Isn't this a Rabin Miller primality tester? It has been 15 years since I have done any computerized primality testing but this reminds me of the deterministec form of Miller Rabin?!

If I am not in error then I must say this test is much slower than the probabilitic version of it. So how big are the numbers you are trying to test for primality?

**In mathematics, you don't understand things. You just get used to them.**

**If it ain't broke, fix it until it is.**

**Online**

**calccrypto****Member**- Registered: 2010-03-06
- Posts: 96

no. i guess my comment was a bit vague

i might as well put the real code:

```
p = randint(3, 2**L)
p = q * (1 + p/q) + 1
while MillerRabin(p) == False: # prime = True, composite = False
p = p + q
```

miller rabin is not what im creating. rather, it is another function that im using to test my p values, and it is the probabilistic test.

the L value can be 1024,2048, or 3072

Visit calccrypto.wikidot.com for detailed descriptions of algorithms and other crypto related stuff (not much yet, so help would be appreciated).

Offline

**bobbym****Administrator**- From: Bumpkinland
- Registered: 2009-04-12
- Posts: 96,616

Hi,

2^3072 are 1000 digit numbers, maybe that's where the slow down is.

**In mathematics, you don't understand things. You just get used to them.**

**If it ain't broke, fix it until it is.**

**Online**

**calccrypto****Member**- Registered: 2010-03-06
- Posts: 96

yep, which is why i want to try to speed up the testing a bit

Offline

**bobbym****Administrator**- From: Bumpkinland
- Registered: 2009-04-12
- Posts: 96,616

Hi cal;

It may not be possible with numbers that large. Those are really large. Where is the bottleneck? Have you wrapped pieces of the code with timers to see which part is the slowest?

Also being a probabilistic primality tester each iteration reduces the probability that the number is composite by a factor of 4. So after only a couple of iterations you will have a number that is very likely to be prime. You will not have certainty.

**In mathematics, you don't understand things. You just get used to them.**

**If it ain't broke, fix it until it is.**

**Online**

**calccrypto****Member**- Registered: 2010-03-06
- Posts: 96

I think the bottleneck is the testing itself. Oh well. No matter. I'll eventually figure this out.

Thanks bobbym

Offline

**bobbym****Administrator**- From: Bumpkinland
- Registered: 2009-04-12
- Posts: 96,616

Hi;

Yes, but which part is using most of the time. That's the part you try to speed up.

**In mathematics, you don't understand things. You just get used to them.**

**If it ain't broke, fix it until it is.**

**Online**

**calccrypto****Member**- Registered: 2010-03-06
- Posts: 96

is there a better and faster method of testing?

*Last edited by calccrypto (2010-07-19 11:29:47)*

Offline

**bobbym****Administrator**- From: Bumpkinland
- Registered: 2009-04-12
- Posts: 96,616

Depends what are you trying to do? Primality testing? What?

**In mathematics, you don't understand things. You just get used to them.**

**If it ain't broke, fix it until it is.**

**Online**

**calccrypto****Member**- Registered: 2010-03-06
- Posts: 96

yeah. just testing if the number is prime

Offline

**bobbym****Administrator**- From: Bumpkinland
- Registered: 2009-04-12
- Posts: 96,616

Hi cal;

You do know that the fastest deterministic test is the new one invented by those 3 Indian mathematicians and will determine the status of a number with 1000 digits in about 1 hour on a modern desktop.

This is the fastest known.

**In mathematics, you don't understand things. You just get used to them.**

**If it ain't broke, fix it until it is.**

**Online**

**calccrypto****Member**- Registered: 2010-03-06
- Posts: 96

darn.

Offline

**bobbym****Administrator**- From: Bumpkinland
- Registered: 2009-04-12
- Posts: 96,616

That is the fastest for an exact answer concerning primality. If you use the probabilistic RM and run through the algorithm say 15

times you would have a probability less than .000 000 000 931 that the number is not prime.

**In mathematics, you don't understand things. You just get used to them.**

**If it ain't broke, fix it until it is.**

**Online**