Generating Provable Primes Efficiently on Embedded Devices

  • Christophe Clavier
  • Benoit Feix
  • Loïc Thierry
  • Pascal Paillier
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7293)

Abstract

This paper introduces new techniques to generate provable prime numbers efficiently on embedded devices such as smartcards, based on variants of Pocklington’s and the Brillhart-Lehmer-Selfridge-Tuckerman-Wagstaff theorems. We introduce two new generators that, combined with cryptoprocessor-specific optimizations, open the way to efficient and tamper-resistant on-board generation of provable primes. We also report practical results from our implementations. Both our theoretical and experimental results show that constructive methods can generate provable primes essentially as efficiently as state-of-the-art generators for probable primes based on Fermat and Miller-Rabin pseudo-tests. We evaluate the output entropy of our two generators and provide techniques to ensure a high level of resistance against physical attacks. This paper intends to provide practitioners with the first practical solutions for fast and secure generation of provable primes in embedded security devices.
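The constructive approach described above, as an added example that is not the authors' code: a Pocklington-based generator that roughly doubles the prime size at each step, records a certificate (N, p, R, a) per step, and a verifier that re-checks the whole chain with nothing but trial division on the base prime, modular exponentiations and gcds. It deliberately uses only the classical Pocklington criterion (with F = 2p and R ≤ 2p, so N < (F+1)² and every Pocklington witness is conclusive), not the paper's BLSTW-based variants that permit larger size steps; the 16-bit base size, the small-prime sieve, the four-base retry limit and the Miller-Rabin cross-check are this example's own choices; and it carries none of the paper's cryptoprocessor optimisations or physical-attack countermeasures.

```python
"""Constructive provable-prime generation with a checkable certificate.

Added example for this page, not the paper's generator: classical Pocklington
criterion only (every prime factor of N is 1 mod F, hence N is prime when
N < (F+1)^2), with F = 2p at every step."""
import math
import secrets

SMALL_PRIMES = [3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61]
BASE_BITS = 16  # assumed size at which the recursion bottoms out


def base_prime(bits):
    """Prime with exactly `bits` bits, proven by trial division up to sqrt."""
    while True:
        n = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if all(n % d for d in range(3, math.isqrt(n) + 1, 2)):
            return n


def pocklington_step(p, n_bits):
    """From a proven prime p (k bits) build N = 2*p*R + 1 with exactly n_bits
    bits (k < n_bits <= 2k) and return (N, R, a), a being a Pocklington
    witness for F = 2p.  R <= 2p guarantees N < (2p+1)^2, so the witness
    proves primality rather than merely suggesting it."""
    assert p.bit_length() < n_bits <= 2 * p.bit_length()
    lo = -(-(2 ** (n_bits - 1) - 1) // (2 * p))  # ceil division
    hi = (2 ** n_bits - 2) // (2 * p)
    while True:
        R = lo + secrets.randbelow(hi - lo + 1)
        if R % 2 == 0 or R == p:          # need gcd(2p, R) = 1
            continue
        N = 2 * p * R + 1
        if any(N % q == 0 for q in SMALL_PRIMES):  # cheap sieve first
            continue
        for _ in range(4):                # a few random bases
            a = 2 + secrets.randbelow(N - 3)
            if pow(a, N - 1, N) != 1:
                break                     # Fermat fails: N is composite
            # q = 2 uses (N-1)/2 = p*R; q = p uses (N-1)/p = 2*R
            if (math.gcd(pow(a, p * R, N) - 1, N) == 1
                    and math.gcd(pow(a, 2 * R, N) - 1, N) == 1):
                return N, R, a
        # composite, or a prime with unlucky bases: draw a new candidate


def provable_prime(bits):
    """Return (prime, certificate); certificate = list of (N, p, R, a) steps
    whose sizes roughly double from a BASE_BITS trial-division prime."""
    if bits < 2:
        raise ValueError("need at least 2 bits")
    sizes, n = [], bits
    while n > BASE_BITS:
        sizes.append(n)
        n = (n + 1) // 2
    p, cert = base_prime(n), []
    for n_bits in reversed(sizes):
        N, R, a = pocklington_step(p, n_bits)
        cert.append((N, p, R, a))
        p = N
    return p, cert


def verify_certificate(prime, cert):
    """Re-check every step independently of the generator."""
    base = cert[0][1] if cert else prime
    if base < 2 or any(base % d == 0 for d in range(2, math.isqrt(base) + 1)):
        return False
    cur = base
    for N, p, R, a in cert:
        if not (p == cur and N == 2 * p * R + 1 and R % 2 == 1 and R != p
                and R <= 2 * p and 1 < a < N - 1 and pow(a, N - 1, N) == 1
                and math.gcd(pow(a, p * R, N) - 1, N) == 1
                and math.gcd(pow(a, 2 * R, N) - 1, N) == 1):
            return False
        cur = N
    return cur == prime


def miller_rabin(n, rounds=32):
    """Probable-prime test, the kind the paper benchmarks against; used here
    only as an independent cross-check of the output."""
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(2 + secrets.randbelow(n - 3), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


if __name__ == "__main__":
    prime, cert = provable_prime(512)
    print(prime.bit_length(), "bits;", len(cert), "Pocklington steps")
    print("certificate verifies:", verify_certificate(prime, cert))
    print("Miller-Rabin agrees:", miller_rabin(prime))
```

Two points a practitioner should take from this. First, the certificate is what makes the output "provable": a relying party can re-run `verify_certificate` without trusting the generator, its RNG or its hardware, which a Miller-Rabin result cannot offer. Second, the randomness of R must come from a cryptographic source, and the distribution of primes this simple chain can reach is not uniform over n-bit primes; the paper's entropy evaluation addresses exactly that question for its own generators, and any substitute generator needs the same analysis.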

Keywords

Prime Numbers; Pocklington’s theorem; Public Key Cryptography; Embedded Software; Modular Exponentiation; Cryptographic Accelerators; Primality Proving

References

  1. Agrawal, M., Kayal, N., Saxena, N.: PRIMES is in P. Annals of Mathematics 160(2), 781–793 (2004)
  2. Alford, W.R., Granville, A., Pomerance, C.: On the Difficulty of Finding Reliable Witnesses. In: Huang, M.-D.A., Adleman, L.M. (eds.) ANTS 1994. LNCS, vol. 877, pp. 1–16. Springer, Heidelberg (1994)
  3. Ankeny, N.C.: The least quadratic non residue. Annals of Mathematics 55, 65–72 (1952)
  4. Atkin, A.O.L., Morain, F.: Elliptic Curves and Primality Proving. Mathematics of Computation 61, 29–68 (1993)
  5. Bach, E.: Explicit bounds for primality testing and related problems. Mathematics of Computation 55, 355–380 (1990)
  6. Brillhart, J., Lehmer, D.H., Selfridge, J.L., Tuckerman, B., Wagstaff Jr., S.S.: Factorization of b^n ± 1, b = 2, 3, 5, 7, 10, 11, 12 Up to High Powers. Contemporary Mathematics, vol. 22. American Mathematical Society (1988)
  7. Chevallier-Mames, B., Ciet, M., Joye, M.: Low-Cost Solutions for Preventing Simple Side-Channel Analysis: Side-Channel Atomicity. IEEE Transactions on Computers 53(6), 760–768 (2004)
  8. Clavier, C., Coron, J.-S.: On the Implementation of a Fast Prime Generation Algorithm. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 443–449. Springer, Heidelberg (2007)
  9. Courrège, J.-C., Feix, B., Roussellet, M.: Simple Power Analysis on Exponentiation Revisited. In: Gollmann, D., Lanet, J.-L., Iguchi-Cartigny, J. (eds.) CARDIS 2010. LNCS, vol. 6035, pp. 65–79. Springer, Heidelberg (2010)
  10. Diffie, W., Hellman, M.E.: New Directions in Cryptography. IEEE Transactions on Information Theory 22(6), 644–654 (1976)
  11. Finke, T., Gebhardt, M., Schindler, W.: A New Side-Channel Attack on RSA Prime Generation. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 141–155. Springer, Heidelberg (2009)
  12. FIPS PUB 186-3: Digital Signature Standard. National Institute of Standards and Technology (June 2009)
  13. Garner, H.L.: The residue number system. In: Proceedings of the Western Joint Computer Conference, pp. 146–153 (1959)
  14. Jaeschke, G.: On strong pseudoprimes to several bases. Mathematics of Computation 61, 915–926 (1993)
  15. Joye, M., Paillier, P.: Fast Generation of Prime Numbers on Portable Devices: An Update. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 160–173. Springer, Heidelberg (2006)
  16. Joye, M., Paillier, P., Vaudenay, S.: Efficient Generation of Prime Numbers. In: Koç, Ç.K., Paar, C. (eds.) CHES 2000. LNCS, vol. 1965, pp. 340–354. Springer, Heidelberg (2000)
  17. Joye, M., Villegas, K.: A protected division algorithm. In: Proceedings of the Fifth Smart Card Research and Advanced Application Conference, CARDIS 2002 (2002)
  18. Maurer, U.M.: Fast Generation of Secure RSA-Moduli with Almost Maximal Diversity. In: Quisquater, J.-J., Vandewalle, J. (eds.) EUROCRYPT 1989. LNCS, vol. 434, pp. 636–647. Springer, Heidelberg (1990)
  19. Maurer, U.M.: Fast generation of prime numbers and secure public-key cryptographic parameters. Journal of Cryptology 8(3), 123–155 (1995)
  20. Pomerance, C., Selfridge, J.L., Wagstaff Jr., S.S.: The pseudoprimes to 25·10^9. Mathematics of Computation 35(151), 1003–1026 (1980)
  21. Rivest, R.L., Shamir, A., Adleman, L.: A Method for Obtaining Digital Signatures and Public-Key Cryptosystems. Communications of the ACM 21(2), 120–126 (1978)
  22. Shawe-Taylor, J.: Generating strong primes. Electronics Letters 22(16), 875–877 (1986)

Copyright information

© International Association for Cryptologic Research 2012

Authors and Affiliations

  • Christophe Clavier (1)
  • Benoit Feix (1, 2)
  • Loïc Thierry (2)
  • Pascal Paillier (3)

  1. XLIM, University of Limoges, France
  2. INSIDE Secure, France
  3. CryptoExperts, France