ietf-smime

RE: Quick comment on the Small Subgroup Attack draft

1999-07-15 10:20:01
The first sentence should read:

The prime p could be chosen such that p-1=2*q*j where j is prime or the
product of large primes (large means greater than or equal to q).

That should make more sense.

----------
From:         Tony Mione [SMTP:mione@hardees.Rutgers.EDU]
Sent:         Thursday, July 15, 1999 11:43 AM
To:   ietf-smime@imc.org
Cc:   Tony Mione
Subject:      Quick comment on the Small Subgroup Attack draft


I noticed a subtle problem in the text in section 3.3. The first paragraph
reads:


 The prime p could be chosen such that p-1=2*q*j where j is the product 
                                                 ^^^^^^^^^^^^^^^^^^^^^^
 of large primes (large means greater than or equal to q).  This will 
 ^^^^^^^^^^^^^^^

 prevent an attacker from being able to find an element of small order 
 modulo p, thus thwarting the small-subgroup attack.  One method to 
 produce primes of this form is to run the prime generation algorithm 
 multiple times until an appropriate prime is obtained.  As an example, 
 the value of j could be tested for primality.  If j is prime, then the 
                                                ^^^^^^^^^^^^^
 value of p could be accepted, otherwise the prime generation algorithm 
 would be run again, until a value of p is produced with j prime.
                                                    ^^^^^^

Last time I read the definition, a number cannot be both prime and the
product of 2 primes at the same time. Are we talking about j in the last
sentence or one of the other variables in the expression 'p-1=...'?

Tnx.

Tony Mione, RUCS/TD, Rutgers University, Hill 055, Piscataway, NJ - 732-445-0650
mione@noc.rutgers.edu    W3: http://noc.rutgers.edu/~mione/
PGPFP:D4EEA987E870277C  24AAE6E9E6ABD088     ***** Important: Rom 10:9-11 *****
Author of 'CDE and Motif : A Practical Primer', Prentice-Hall PTR


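The parameter choice discussed in this thread, as an added example that is not part of the draft or of either message: it generates a prime p with p-1 = 2*q*j where j is itself prime (the "test j for primality" method from section 3.3; the "product of large primes" alternative from the correction above is not implemented), and contrasts it with a p whose cofactor j has small prime factors, showing the small-subgroup leak such a p permits. Miller-Rabin stands in for the draft's unspecified prime generation algorithm, the bit sizes are illustrative only, and every function name here is the example's own.

```python
# Added example, not code from the draft or the thread. Parameter sizes are
# illustrative; Miller-Rabin stands in for the draft's prime generation step.
import random


def is_probable_prime(n, rounds=32):
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        a = random.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits):
    """Random probable prime of exactly `bits` bits."""
    while True:
        cand = random.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def generate_p(q, j_bits):
    """Section 3.3 method: rerun generation until p = 2*q*j + 1 is prime
    with j prime and j >= q, so p-1 has no prime factor below q except 2."""
    while True:
        j = random_prime(j_bits)
        if j < q:
            continue
        p = 2 * q * j + 1
        if is_probable_prime(p):
            return p, j


def generate_weak_p(q, small_cofactor):
    """Deliberately bad parameters: j carries the factor `small_cofactor`."""
    while True:
        j = small_cofactor * (random.getrandbits(32) | 1)
        p = 2 * q * j + 1
        if is_probable_prime(p):
            return p, j


def small_factors(n, bound):
    """Primes r <= bound dividing n, by trial division."""
    found, r = [], 2
    while r <= bound:
        if n % r == 0:
            found.append(r)
            while n % r == 0:
                n //= r
        r += 1
    return found


def find_small_order_element(p, bound=10000):
    """Attacker's step: (r, h) with h of prime order r, 2 < r <= bound,
    or None when 2 is the only small factor of p-1 (the draft's goal)."""
    for r in small_factors(p - 1, bound):
        if r == 2:
            continue
        for g in range(2, 1000):
            h = pow(g, (p - 1) // r, p)
            if h != 1:
                return r, h
    return None


def leak_x_mod_r(p, h, r, x):
    """Small-subgroup attack: a victim that computes h**x mod p with the
    bogus public value h (order r) produces one of only r values, so the
    attacker recovers x mod r by brute force."""
    shared = pow(h, x, p)
    for k in range(r):
        if pow(h, k, p) == shared:
            return k
    raise AssertionError("unreachable: h has order r")


def check_parameters(p, q, j):
    """Accept p only if p = 2*q*j + 1 with p, q, j prime and j >= q."""
    return (p == 2 * q * j + 1 and j >= q and is_probable_prime(p)
            and is_probable_prime(q) and is_probable_prime(j))


if __name__ == "__main__":
    q = random_prime(64)
    p, j = generate_p(q, 64)
    print("well-formed:", check_parameters(p, q, j),
          "small-order element:", find_small_order_element(p))
    weak_p, weak_j = generate_weak_p(q, 3 * 5 * 7)
    r, h = find_small_order_element(weak_p)
    x = random.randrange(2, q)
    print("weak p leaks x mod", r, ":", leak_x_mod_r(weak_p, h, r, x) == x % r)
```

The contrast is the point of section 3.3: with j prime and at least as large as q, the only subgroup orders available are 1, 2, q, j and their products, so an attacker has nothing smaller than q to send; with a composite j, `find_small_order_element` succeeds immediately and each bogus exchange leaks a residue of the victim's private exponent. Checking that a received public value y satisfies y^q mod p = 1 is the per-exchange countermeasure; the parameter-generation countermeasure shown here removes the small subgroups from p altogether.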