Best IT Recipes

Using BigInteger.isProbablePrime () to generate cryptographically secure primes

Can you use BigInteger.isProbablePrime () to generate cryptographically secure primes? What certainty is needed to be “safe”?

+1
java cryptography biginteger primes public-key-encryption
Apr 17 '14 at 22:02
source share
3 answers

I do not have a degree in cryptography, so take it with salt.

There are two main problems here:

  • Your prime numbers must be unpredictably random. This means that you need to use a source like SecureRandom to generate your primes. No matter how confident your simplicity is, if they are predictable, the entire cryptosystem does not fulfill its purpose. If you use the BigInteger(int bitLength, int certainty, Random rnd) constructor BigInteger(int bitLength, int certainty, Random rnd) , you can pass your SecureRandom as subclasses of Random .

  • Your potential primes should be reasonably sure that they are primes (I assume that you are using an algorithm that relies on the hardness of factoring). If you get a likely limit, but an attacker is likely to affect it within 5 minutes, because it has a factor that was never seen when checking the primates that you ran, you were a little unlucky with your algorithm. Rabin-Miller is usually used, and this answer claims that for 32-bit integers, confidence of 15 is enough. A value of up to 40 is recommended, and everything that doesn't make sense does not make sense.

+5
Apr 17 '14 at 22:14
source share

So I created a secure BigInteger for my cryptographic application.

Here is my code:

  BigInteger b = new BigInteger(25, new SecureRandom());

Since you also need this for a cryptographic application, in my opinion, getting BigInteger is correct. Note. Remember that SecureRandom objects are considered expensive. Therefore, you should not initialize them many times.

After reading the comments, he is Here's a way that guarantees you more confidence in getting a prime number.

  BigInteger b =BigInteger.probablePrime(25, new SecureRandom(););
+4
Apr 17 '14 at 22:13
source share

As @hexafraction says, you need to use SecureRandom() to generate a random number of cryptographic quality. Javadoc says the generated simple 2% -100 is safe. If you need extra security (say 2 ^ -128 for equivalent AES security) then run more iterations of the Miller-Rabin test . Each iteration gives you extra 2 ^ -2 protection, so fourteen iterations will give you 2 ^ -128.

+1
Apr 17 '14 at 23:00
source share


More articles:


All Articles