The security of the RSA algorithm is based on the difficulty of factorizing very large numbers. The setup of an RSA cryptosystem involves the generation of two large primes, say p and q, from which, the RSA modulus is calculated as n = p * q. The greater the modulus size, the higher is the security level of the RSA system. The recommended RSA modulus size for most settings is 2048 bits to 4096 bits. Thus, the primes to be generated need to be 1024 bit to 2048 bit long. For the synthesis of such large primes, instead of depending on deterministic methods, we rely on finding numbers that are prime with a satisfactorily high level of probability.
Large Prime Generation Procedure:
The goal is to efficiently compute very large random prime numbers with a specified bit-size. The standard method of manually implementing a random prime number generator which can generate prime values with a satisfactory level of accuracy is given as follows:
- Preselect a random number with the desired bit-size
- Ensure the chosen number is not divisible by the first few hundred primes (these are pre-generated)
- Apply a certain number of Rabin Miller Primality Test iterations, based on acceptable error rate, to get a number which is probably a prime
Below are the steps to implement the above procedure:
- Picking a Random Prime Candidate
The generation of a random number with n-bits means the random number is in the range 0 and . Some considerations when generating the random number are:
- Picking of small primes, such as 3, 5, 7…, must be avoided as the factorization of RSA modulus would become trivial. Thus, care must be taken to not have too many leading zeroes. This may be done by always making the highest order bit = 1
- Since all primes (> 2) are odd, for better performace, just odd number may be picked
- The generation of a random number with n-bits means the random number is in the range 0 and . Some considerations when generating the random number are:
- This step is a a low level primality test which requires the pre-calculation of the first few hundred primes (using Sieve of Eratosthenes).
- The prime candidate is divided by the pre-generated primes to check for divisibility. If the prime candidate is perfectly divisible by any of these pre-generated primes, the test fails and a new prime candidate must be picked and tested. This is repeated as long as a value which is coprime to all the primes in our generated primes list is found
- A prime candidate passing the low-level test is then tested again using the Rabin Miller Primality Test.
- For extremely large numbers, such as ones used in RSA, deterministic testing of whether the chosen value is prime or not is highly impractical as it requires an unreasonable amount of computing resources.
- A probabilistic approach is preferred as such. If an inputted value passes a single iteration of the Rabin Miller test, the probability of the number being prime is 75%.
- Thus, a candidate passing the test, an adequate number of times, can be considered to be a prime with a satisfactory level of probability.
- Usually, in commercial applications, we require error probabilities to be less than .
Finally, we can combine the above functions to create a three-step process to generate large primes. The steps would be
- Random number generation by calling nBitRandom(bitsize)
- Basic division test by calling getLowLevelPrime(prime_candidate)
- Rabin Miller Test by calling isMillerRabinPassed(prime_candidate)
- If the chosen random value passes all primality tests, it is returned as the n-bit prime number. Otherwise, in the case of test-failure, a new random value is picked and tested for primality. The process is repeated until the desired prime is found.
Below is the complete implementation of the above approach
1024 bit prime is:
Note: Library Generation of Large Primes in Python
The pycrypto library is a comprehensive collection of secure hash functions and various encryption algorithms. It also includes basic functions commonly required in encryption/decryption setups such as random number generation and random prime number generation. The goal of generating a random prime number with a specified bit-size can be achieved using the pycrypto getPrime module.
The syntax for generating a random n-bit prime number is:
Don’t stop now and take your learning to the next level. Learn all the important concepts of Data Structures and Algorithms with the help of the most trusted course: DSA Self Paced. Become industry ready at a student-friendly price.
- New Algorithm to Generate Prime Numbers from 1 to Nth Number
- Check if a number is Prime, Semi-Prime or Composite for very large numbers
- Algorithm to generate positive rational numbers
- Absolute difference between the Product of Non-Prime numbers and Prime numbers of an Array
- Absolute Difference between the Sum of Non-Prime numbers and Prime numbers of an Array
- Absolute difference between the XOR of Non-Prime numbers and Prime numbers of an Array
- Print the nearest prime number formed by adding prime numbers to N
- Permutation of first N positive integers such that prime numbers are at prime indices | Set 2
- Permutation of first N positive integers such that prime numbers are at prime indices
- Print prime numbers with prime sum of digits in an array
- Count all prime numbers in a given range whose sum of digits is also prime
- Check if a prime number can be expressed as sum of two Prime Numbers
- Sum of two large numbers
- LCM of two large numbers
- GCD of two numbers when one of them can be very large
- Divisible by 37 for large numbers
- Remainder with 7 for large numbers
- Difference of two large numbers
- Find Last Digit of a^b for Large Numbers
- Sum of all natural numbers from L to R ( for large values of L and R )
If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to email@example.com. See your article appearing on the GeeksforGeeks main page and help other Geeks.
Please Improve this article if you find anything incorrect by clicking on the "Improve Article" button below.