search for: primal

Displaying 20 results from an estimated 43 matches for "primal".

2015 May 26
2
Weak DH primes and openssh
...6 12:57:05 -0400, Hubert Kario wrote: > creating composites that will pass even 100000 rounds of Miller-Rabin is > relatively simple.... > (assuming the values for M-R tests are picked randomly) Can you point me to the algorithms for doing that? This would suggest that we really do want primality proofs (and a good way to verify them). Do those algorithms hold for creating composites that pass M-R tests for both p and (p-1)/2 ? > I'd be against shipping any primes that are not generated from known, expected > values, like hash of "OpenSSH 1024 bit DH prime, try #1"...
2015 May 28
2
Weak DH primes and openssh
...> > knowledge. > > that being said, how using NUMS seeds to generate safe prime would > hurt? If you're concerned about precomputation, then it effectively gives the attackers a list of what you're going to use in the future. > also, doesn't that require us to provide primality certificates for q > rather than p? IMO you'd want both to prove a safe prime -d
2015 May 22
4
Weak DH primes and openssh
...those can be disabled on Debian with "DebianBanner no" in sshd_config. We'd want to make sure that distro-specific moduli don't re-introduce fingerprinting for operators who want to hide their choice of distro. --dkg PS Darren, has there been any attempt at generating primality proofs for the values in ./moduli, as opposed to 100 rounds of Miller-Rabin? It would be a shame for a pseudoprime to slip in, however unlikely that would be.
2015 May 26
8
Weak DH primes and openssh
...> >> Can you point me to the algorithms for doing that? > > OEIS A014233 Hm, this is a sequence, but not an algorithm. It looks to me like it is not exhaustive, just a list of those integers which are known to have the stated property ("Smallest odd number for which Miller-Rabin primality test on bases <= n-th prime does not reveal compositeness"). Taking the final integer in that sequence (a(11)) fails even the default 25-round M-R test in gmp: >>> k = gmpy2.mpz(3825123056546413051) >>> gmpy2.is_prime(k) False >>> Indeed, the arxiv suggests...
2015 May 27
3
Weak DH primes and openssh
...Kario wrote: >> > OEIS A014233 >> >> Hm, this is a sequence, but not an algorithm. It looks to me like it is >> not exhaustive, just a list of those integers which are known to have >> the stated property ("Smallest odd number for which Miller-Rabin >> primality test on bases <= n-th prime does not reveal compositeness"). >> >> Taking the final integer in that sequence (a(11)) fails even the default >> >> 25-round M-R test in gmp: >> >>> k = gmpy2.mpz(3825123056546413051) >> >>> gmpy2.is_pr...
2015 Nov 04
1
ssl-params: slow startup (patch for consideration)
...parameters until regeneration finishes), but for cold starts, the server can be tied up for a few minutes creating DH parameters while clients queue up. I ran "openssl dhparam 2048" and got wildly varying run times of 1m45s, 11m56s, 0.4s, 2m19s, 3h23s. Most of the time was spent testing primality of candidate p *and* (p-1)/2 -- so called "safe prime". If you're unlucky, this can take a long time. However, it appears "safe" primes are not what they're cracked up to be -- they offer some guarantees, but are not safer than non-safe primes. Creating DH parameter...
2011 Dec 18
1
Why do non-lvds monitors default to dithering these days?
...ource i can try and find a way to set the connector property more permanently (if anyone has suggestions besides sticking an xrandr command in my .xinitrc please let me know), but i don't see why we would need to assume that anything but lvds and eDP needs to be dithered. -- Far away from the primal instinct, the song seems to fade away, the river get wider between your thoughts and the things we do and say.
2015 May 29
2
Weak DH primes and openssh
...R witnesses, or not. Then we can use SHA-512 > instead of SHA-256, or some SHA-3 variant. If you're constantly changing the parameters, then this is the opposite of NUMS. Anyway, I don't think a NUMS-like approach is necessary. It certainly isn't with users independently generating primality certificates. -d
2011 Aug 05
1
Typo in a manpage
Hello, There's a typo in moduli.5 manpage. I'm not quite sure it needs a patch. Anyway, the fix is: s/primaility/primality/ Regards -- ^L.
2006 Jan 10
3
Getting a user from a model (sort of a noob) (resend sorry)
Sorry for the resend but I am not sure if the first one ever made the list. As mentioned in my previous posts I'm trying to create a dynamic directory for file_column. After finding out that I didn't have the most recent version I installed the latest trunk and am able to get file_column to act as it should. However I have been racking my brain on how to implement
2017 Sep 25
4
DH Group Exchange Fallback
On 25 September 2017 at 02:32, Mark D. Baushke <mdb at juniper.net> wrote: > [+CC Loganaden Velvindron <logan at hackers.mu>] primary author of > the RFC 4419 refresh draft. https://datatracker.ietf.org/doc/draft-lvelvindron-curdle-dh-group-exchange/ Tangent: has any consideration been given to increasing the maximum allowed beyond 8192 bits (which is below the current NIST
2005 Oct 19
1
ipop (kernlab) gives pars < lower bound ?
hi everyone, ipop very quickly and accurately identifies the correct parameters in a toy dataset i built, but when i use ipop on the real dataset i get values for the parameters " primal(res) " that are less than zero, even though i specify zero for the lower bound : l = rep(0, length(c)) , where length(c) is the number of parameters i'm trying to identify. the parameters are not A LOT less than zero-- they're close to zero, but still too large a problem to ignore....
2023 Dec 23
1
ssh-keygen generator 3 broken.
...some reason, there only seem to be generators 2 and 5, while that seems to check for generator 0, but if you try to use that in the command, it produces the error: Generator invalid: 0 (too small) even though the documentation lists: By default, each candidate will be subjected to 100 primality tests. This may be overridden using the -O prime-tests option. The DH generator value will be chosen automatically for the prime under consideration. If a specific generator is desired, it may be requested using the -O generator option. Valid generator values are 2, 3, and 5.
2017 Sep 21
5
DH Group Exchange Fallback
Hi, I'm interested in requiring a minimum of 3072-bit DH moduli when using the "diffie-hellman-group-exchange-sha256" kex, so I edited my /etc/ssh/moduli file such that only 3071+ moduli are left. However, when clients ask for a max of 2048-bit moduli, they actually get one (!). I poked around and found that a fallback mechanism exists (dh.c:185), which returns back the
2009 Apr 02
0
[LLVMdev] GSoC Sakharova Anna
...l state University named after Demidov(Mathematic Department, 4 course). I'm interested in mathematic and coding. I would like to write programs associated with my profession. My favorite language is c++ builder. My experience: 1). Program that provide deterministic polynomial-time algorithm for primality testing. It was developed by Indian mathematics. (with writing a simple GUI, platform x86) 2). Program that is finding all decisions of equation like: (1 / x1) + (1 / x2) + (1 / x3) + ... + (1/ xn) = a / b (b > a) 3). And now i'm driving away at program that is breaking Viginer's ciph...
2005 Jun 22
0
The GNU Linear Programming Kit for R
...and concepts between R and C. The GLPK package is intended for solving large-scale linear programming (LP), mixed integer linear programming (MIP), and other related problems. The GLPK library includes the following main components: * implementation of the simplex method; * implementation of the primal-dual interior-point method; * implementation of the branch-and-bound method; * application program interface (API); * GNU MathProg modeling language (a subset of AMPL); * GLPSOL, a stand-alone LP/MIP solver. See GLPK webpage <http://www.gnu.org/software/glpk/glpk.html>. ____________________...
2008 Jun 05
0
smacof package for multidimensional scaling
...(unfolding models) - smacof with constraints on the configuration (linear, unique, diagonal, or user-specified constraints; fitting simplex or circumplex) - 3-way smacof for individual differences (including constraints for idioscal, indscal, and identity) - Sphere projections (spherical smacof, primal and dual algorithm). Each of these approaches is implemented in a metric and nonmetric manner including primary, secondary, and tertiary approaches for tie handling. Various 2- and 3D-plots are provided and a package vignette is included. Patrick _______________________________________________...
2006 Jan 06
0
Performance problem w/ Rake on MS SQL 2000 1-GB database
...on. A copy of this is my dev db. rake prepare_test_database on this database takes 20+ minutes. Can someone PLEASE tell me if there is a solution to improving the prepare time for this DB ? Thank you thank you thank you in advance! -- ------------------------------ me in you, you in me - the primal empathic mirror in all of us. ------------------------------ Peter Fitzgibbons
2005 Jun 22
0
The GNU Linear Programming Kit for R
...and concepts between R and C. The GLPK package is intended for solving large-scale linear programming (LP), mixed integer linear programming (MIP), and other related problems. The GLPK library includes the following main components: * implementation of the simplex method; * implementation of the primal-dual interior-point method; * implementation of the branch-and-bound method; * application program interface (API); * GNU MathProg modeling language (a subset of AMPL); * GLPSOL, a stand-alone LP/MIP solver. See GLPK webpage <http://www.gnu.org/software/glpk/glpk.html>. ____________________...
2001 Apr 11
0
2nd BETA release of OpenSSH with SRP
...Other verifier files must be owned by root and must not be readable by group or other. * The parameter test code in srp-util.c and tconf2embed.c was missing the test for g^2 mod p != 1. Thus 6 was accepted as a primitive generator for 7, which it ain't. * tconf2embed -f means skip the primality check. * Installation instructions in README.SRP. Please send all bug reports/patches/complaints to <tomh at po.crl.go.jp>. Dr. Tom Holroyd "I am, as I said, inspired by the biological phenomena in which chemical forces are used in repetitious fashion to produce all kinds of weird...