Abstract
In this paper we make two observations on Rabin's probabilistic primality test. The first is a provocative reason why Rabin's test is so good. It turned out that a single iteration has a nonnegligible probability of failing only on composite numbers that can actually be split in expected polynomial time. Therefore, factoring would be easy if Rabin's test systematically failed with a 25% probability on each composite integer (which, of course, it does not). The second observation is more fundamental because it is not restricted to primality testing: it has consequences for the entire field of probabilistic algorithms. The failure probability when using a probabilistic algorithm for the purpose of testing some property is compared with that when using it for the purpose of obtaining a random element hopefully having this property. More specifically, we investigate the question of how reliable Rabin's test is when used to generate a random integer that is probably prime, rather than to test a specific integer for primality.
Additional information
Supported in part by NSERC grant A4107. Part of the research was performed while this author was at the CWI, Amsterdam.
Supported in part by an NSERC Postgraduate Scholarship. Part of the research was performed while this author was at the Université de Montréal.
Supported in part by an NSF grant.
Cite this article
Beauchemin, P., Brassard, G., Crépeau, C. et al. The generation of random numbers that are probably prime. J. Cryptology 1, 53–64 (1988). https://doi.org/10.1007/BF00206325
DOI: https://doi.org/10.1007/BF00206325