Prev: Adi Shamir's Cube Attacks
Next: Merry Christmas 7
From: Pubkeybreaker on 1 Sep 2008 18:52
On Aug 29, 6:04�pm, Thomas Pornin <por...(a)bolet.org> wrote:
> According to Mensanator �<mensana...(a)aol.com>:
>
> > Well, you can add some bits to the probability calculation.
> Note that there is no such thing as a "probably prime integer". The
> integer is prime, or not.

Yes and no. The integer is indeed either prime or composite.
But what "probable prime" means is that the integer has been
subjected to a test and the TEST ITSELF is sometimes in error.
It isn't that the number is "probably prime" in the literal meaning.
It is that it has been subjected to a test that sometimes has type-1
errors (i.e. false positives). The "probability" label applies to the
test and not the candidate,



From: Pubkeybreaker on 1 Sep 2008 18:54
On Aug 30, 3:18�am, Kristian Gj�steen <kristiag+n...(a)math.ntnu.no>
wrote:
> Thomas Pornin �<por...(a)bolet.org> wrote:

> What's the real likelihood of n rounds Miller-Rabin making a mistake?
> I tried five rounds of Miller-Rabin for about a million random 100-bit
> numbers, and it didn't make a mistake. Then I did the same for one round

Pomerance wrote a paper on this in Math.Comp. (back in the
late 80's IIRC). It was titled something like "The probability that
a random strong PRP is composite".

The probability depends on the size of the candidate and the
number of rounds. The HAC discusses this,

From: Pubkeybreaker on 1 Sep 2008 18:57
On Aug 30, 5:20�am, Jean-Claude Arbaut <jeanclaudearb...(a)orange.fr>
wrote:
> Thomas Pornin wrote:

> There is no proof that strong witnesses are random.

Yes, there is. See the paper that I cited by Pomerance.

I have been reading this thread. There is a LOT of confusion
and false statements being tossed about by a number of different
posters.

STOP IT.

If you don't KNOW, then don't respond.
From: WTShaw on 3 Sep 2008 04:40
On Sep 1, 5:57 pm, Pubkeybreaker <pubkeybrea...(a)aol.com> wrote:
> On Aug 30, 5:20 am, Jean-Claude Arbaut <jeanclaudearb...(a)orange.fr>
> wrote:
>
> > Thomas Pornin wrote:
> > There is no proof that strong witnesses are random.
>
> Yes, there is.  See the paper that I cited by Pomerance.
>
> I have been reading this thread.  There is a LOT of confusion
> and false statements being tossed about by a number of different
> posters.
>
> STOP IT.
>
> If you don't KNOW,  then don't respond.

Humm....Possible dogma meets the scientific method...How refreshing!
The reasons for experimentation include clarification, defining new
theories, and verification..and others. Loss of the right to question
rather smacks of pure authoritarianism. Either you are vindicated,
wrong, or have need to honestly consider new information and explain
it. May the facts win...
From: Pubkeybreaker on 3 Sep 2008 05:57
On Sep 3, 4:40�am, WTShaw <lure...(a)gmail.com> wrote:
> On Sep 1, 5:57�pm, Pubkeybreaker <pubkeybrea...(a)aol.com> wrote:
>
> > On Aug 30, 5:20 am, Jean-Claude Arbaut <jeanclaudearb...(a)orange.fr>
> > wrote:
>
> > > Thomas Pornin wrote:
> > > There is no proof that strong witnesses are random.
>
> > Yes, there is. �See the paper that I cited by Pomerance.
>
> > I have been reading this thread. �There is a LOT of confusion
> > and false statements being tossed about by a number of different
> > posters.
>
> > STOP IT.
>
> > If you don't KNOW, �then don't respond.
>
> Humm....Possible dogma meets the scientific method...How refreshing!

Horseshit.

> The reasons for experimentation include clarification, defining new
> theories, and verification..and others.

There is no "experimentation" here. Just numerous
incorrect statements about prime-testing algorithms.

�Loss of the right to question
> rather smacks of pure authoritarianism.

If you could read, you would realize that noone is
ASKING questions. It is they who are being dogmatic
in their incorrect assertions.


First  |  Prev  |  Next  |  Last
Pages: 1 2 3 4 5 6 7 8 9 10 11
Prev: Adi Shamir's Cube Attacks
Next: Merry Christmas 7