paillier 1.1.0 → 1.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 7abfb860227e0f15e0f9f083884469f7615be645
-  data.tar.gz: 8c93d15448f9e6caffb6ad9980ba1c958094facf
+  metadata.gz: 3d489649541fa6f023075161d2d2772bd0d05539
+  data.tar.gz: 8b6138fbebb78bcb2a8e3360b753bb2a43faa4ab
 SHA512:
-  metadata.gz: e364613ba383aca3761cf242834d473f8f0704c8723c8072dc8ae9b14f8a0aab9bd61f5c8f530b660446145f0fda94ea81a100d196f7391dd3b167933d6c717e
-  data.tar.gz: e429ec57015496f0767cdb28360702435efd75ffc6e39d6264b7a4c81ac6e3dcbb3101c7187677b3a4c9afac4011cd8615e8ea73e9b7105d00442fde2f3fc15f
+  metadata.gz: 823b4a093380c87f0403589bf9a982fdf59628ced3df9fdf0bc3c0fbcee0338113d049e6b3423468df3b70570a2540cf95c2f12e5bed958ac07552ea29cb63dd
+  data.tar.gz: 0b931043d6fefe9bae67ef4765f59098ec8b102244af1fc62a5502c32b8501779bc9fa4bb1879f07825473f85f315a6c9512f9386c537d548c808a55affdb41a

data/lib/paillier/primes.rb

@@ -10,33 +10,37 @@ module Paillier
 			return int.to_s(2).length
 		end
 
-		def self.defaultK(bits)
-			double = bits * 2
-			return (40 > double) ? 40 : double
-		end
-
-		# This is based on the Wikipedia article on the Fermat primality test
-		# returns true if probably prime, false if definitely composite
-		def self.probabilisticPrimeTest(target, k)
-			for _ in (1 .. k)
-				a = rand(2 .. (target-2))
-				# We want to run "x = (a ** target-1) % target", but the values
-				# are huge. Instead we call out to openssl and do it with mod_exp
-				mod = a.to_bn.mod_exp(target-1, target)
-				if( mod != 1 )
-					return false # Def composite
-				end
-			end
-			return true # probs prime
-		end
+        # This is an implementation of the Rabin-Miller primality test.
+        # Previous versions used Little Fermat, but that is not effective
+        # in all cases; specifically, it can be thwarted by Carmichael 
+        # numbers. We use 50 rounds as the default, in order to get a certainty
+        # of 2^-100 that we have found a prime. This implementation is adapted
+        # from https://rosettacode.org/wiki/Miller-Rabin_primality_test#Ruby
+        def self.probabilisticPrimeTest(target, k=50)
+            d = target-1
+            s = 0
+            while d % 2 == 0
+                d /= 2
+                s += 1
+            end
+            k.times do
+                a = 2 + rand(target-4)
+                x = a.to_bn.mod_exp(d, target)
+                next if x == 1 || x == target-1
+                for r in (1..s - 1)
+                    x = x.to_bn.mod_exp(2, target)
+                    return false if x == 1
+                    break if x == target - 1
+                end
+                return false if x != target-1
+            end
+            return true # probs prime
+        end
 
-		def self.isProbablyPrime?(possible, k=nil)
+		def self.isProbablyPrime?(possible, k=50)
 			if( possible == 1 )
 				return true
 			end
-			if( k.nil? )
-				k = defaultK(bitLength(possible))
-			end
 			for i in SmallPrimes
 				if( possible == i )
 					return true
@@ -59,14 +63,10 @@ module Paillier
 		end
 
 		# Get a random prime of appropriate length
-		def self.generatePrime(bits, k=nil)
+		def self.generatePrime(bits, k=50)
 			if( bits < 8 )
 				raise "Bits less than eight!"
 			end
-			if( k == nil )
-				k = defaultK(bits)
-			end
-
 			while( true )
 				lowerBound = (2 ** (bits-1) + 1)
 				size = ((2 ** bits) - lowerBound)
@@ -82,7 +82,7 @@ module Paillier
 				raise "Bits less than eight!"
 			end
 
-			# If we find a number not coprome to n then finding `p` and `q` is trivial.
+			# If we find a number not coprime to n then finding `p` and `q` is trivial.
 			# This will almost never happen for keys of reasonable size, so if
 			# `coprime_to` is big enough we won't bother running the expensive test.
 			no_test_needed = false

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: paillier
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.2.0
 platform: ruby
 authors:
 - Daylighting Society
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-09-13 00:00:00.000000000 Z
+date: 2018-11-10 00:00:00.000000000 Z
 dependencies: []
 description: An implementation of Paillier homomorphic addition public key system
 email: paillier@daylightingsociety.org