ISO/IEC 18032:2020 信息安全 素数生成

标准编号：ISO/IEC 18032:2020

中文名称：信息安全 素数生成

英文名称：Information security — Prime number generation

发布日期：2020-12

标准范围

本文档规定了密码协议和算法中所需的生成和测试素数的方法。首先，本文档指定了测试给定数是否为质数的方法。本文件中包含的检测方法分为两组:-概率素性测试，其具有小的错误概率。这里描述的所有概率测试都可以声明一个复合物是素数；-确定性方法，保证给出正确的判决。这些方法使用所谓的素性证书。其次，本文档指定了生成素数的方法。再次，概率和确定性方法都被提出。注意，有算法理论背景的读者可能已经接触过概率和确定性算法。本文档中的确定性方法在内部仍然利用随机位(将经由ISO/IEC 18031中描述的方法生成)，并且“确定性”仅指输出以概率1正确的事实。附录A提供了米勒-拉宾素性检验使用的误差概率。附录B描述了用于生成素数的方法的变体，以便可以满足特定的密码学要求。附录C定义了素数生成和验证方法使用的原语。

This document specifies methods for generating and testing prime numbers as required in cryptographic protocols and algorithms.
Firstly, this document specifies methods for testing whether a given number is prime. The testing methods included in this document are divided into two groups:
- probabilistic primality tests, which have a small error probability. All probabilistic tests described here can declare a composite to be a prime;
- deterministic methods, which are guaranteed to give the right verdict. These methods use so-called primality certificates.
Secondly, this document specifies methods to generate prime numbers. Again, both probabilistic and deterministic methods are presented.
NOTE It is possible that readers with a background in algorithm theory have already had previous encounters with probabilistic and deterministic algorithms. The deterministic methods in this document internally still make use of random bits (to be generated via methods described in ISO/IEC 18031), and "deterministic" only refers to the fact that the output is correct with probability one.
Annex A provides error probabilities that are utilized by the Miller-Rabin primality test.
Annex B describes variants of the methods for generating primes so that particular cryptographic requirements can be met.
Annex C defines primitives utilized by the prime generation and verification methods.

标准预览图