An Extended Quadratic Frobenius Primality Test with Average Case Error Estimates

We present an Extended Quadratic Frobenius Primality Test (EQFT), which is related to the Miller-Rabin test and the Quadratic Frobenius test (QFT) by Grantham. EQFT is well-suited for generating large, random prime numbers since on a random input number, it takes time about equivalent to 2 Miller-Rabin tests, but has much smaller error probability. EQFT extends QFT by verifying additional algebraic properties related to the existence of elements of order 3 and 4. We obtain a simple closed expression that upper bounds the probability of acceptance for any input number. This in turn allows us to give strong bounds on the average-case behaviour of the test: consider the algorithm that repeatedly chooses random odd k bit numbers, subjects them to t iterations of our test and outputs the first one found that passes all tests. We obtain numeric upper bounds for the error probability of this algorithm as well as a general closed expression bounding the error. For instance, it is at most 2^{-143} for k=500, t=2 . Compared to earlier similar results for the Miller-Rabin test, the results indicates that our test in the average case has the effect of 9 Miller-Rabin tests, while only taking time equivalent to about 2 such tests. We also give bounds for the error in case a prime is sought by incremental search from a random starting point. While EQFT is slower than the average case on a small set of inputs, we present a variant that is always fast, i.e. takes time about 2 Miller-Rabin tests. The variant has slightly larger worst case error probability than EQFT, but still improves on previous proposed tests.

[1]  Rasmus Pagh,et al.  Fast Random Access to Wavelet Compressed Volumetric Data Using Hashing , 2001 .

[2]  Ivan Damgård,et al.  From Known-Plaintext Security to Chosen-Plaintext Security , 2001 .

[3]  J. Ward,et al.  Book Review: Proceedings of the Third International Conference on Spectral and High Order Methods@@@Book Review: An introduction to computational geometry for curves and surfaces@@@Book Review: The mathematics of surfaces@@@Book Review: Algorithmic number theory, Volume I: Efficient algorithms , 1998 .

[4]  Ivan Damgård,et al.  Speeding up Prime Number Generation , 1991, ASIACRYPT.

[5]  Zoltán Ésik,et al.  Free De Morgan Bisemigroups and Bisemilattices , 2001 .

[6]  Mayer Goldberg,et al.  A General Schema for Constructing One-Point Bases in the Lambda Calculus , 2001 .

[7]  Ronald Cramer,et al.  Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption , 2001, EUROCRYPT.

[8]  Jon Grantham,et al.  A Probable Prime Test with High Confidence , 1998, 1903.06823.

[9]  I. Damgård,et al.  Average case error estimates for the strong probable prime test , 1993 .

[10]  Jeffrey Shallit,et al.  Algorithmic Number Theory , 1996, Lecture Notes in Computer Science.

[11]  Harald Ruess,et al.  Predicate Abstraction for Dense Real-Time Systems , 2001 .

[12]  An Extended Quadratic Frobenius Primality Test with Average Case Error Estimates , 2001 .

[13]  F. Jones There and back again , 1989, Nature.

[14]  Ivan Damgård,et al.  On Generation of Probable Primes By Incremental Search , 1992, CRYPTO.

[15]  Ivan Damgård,et al.  Perfect Hiding and Perfect Binding Universally Composable Commitment Schemes with Constant Expansion Factor , 2001, CRYPTO.

[16]  Ronald Joseph Burthe Further investigations with the strong probable prime test , 1996, Math. Comput..

[17]  Gerth Stølting Brodal,et al.  Cache oblivious search trees via binary trees of small height , 2001, SODA '02.

[18]  Olivier Danvy,et al.  CPS transformation of flow information, Part II: administrative reductions , 2003, J. Funct. Program..

[19]  Siguna Müller,et al.  A Probable Prime Test with Very High Confidence for n ≡ 3 mod 4 , 2003, Journal of Cryptology.