article

Free access

Primality testing using elliptic curves

Authors:

Shafi Goldwasser,

Joe KilianAuthors Info & Claims

Journal of the ACM (JACM), Volume 46, Issue 4

Pages 450 - 472

https://doi.org/10.1145/320211.320213

Published: 01 July 1999 Publication History

Abstract

We present a primality proving algorithm—a probablistic primality test that produces short certificates of primality on prime inputs. We prove that the test runs in expected polynomial time for all but a vanishingly small fraction of the primes. As a corollary, we obtain an algorithm for generating large certified primes with distribution statistically close to uniform. Under the conjecture that the gap between consecutive primes is bounded by some polynomial in their size, the test is shown to run in expected polynomial time for all primes, yielding a Las Vegas primality test.

Our test is based on a new methodology for applying group theory to the problem of prime certification, and the application of this methodology using groups generated by elliptic curves over finite fields.

We note that our methodology and methods have been subsequently used and improved upon, most notably in the primality proving algorithm of Adleman and Huang using hyperelliptic curves and in practical primality provers using elliptic curves.

References

[1]

ADLEMAN, L. M., AND HUANG, M. 1987. Recognizing primes in polynomial time. In Proceedings of the 19th Annual ACM Symposium on Theory of Computing (New York, N.Y., May 25-27). ACM, New York, pp. 462-471.

[2]

ADLEMAN, L. M., AND HUANG, M. 1992. Primality testing and Abelian varieties over finite fields. In Lecture Notes in Mathematics, vol. 1512. Springer-Verlag, New York.

[3]

ADLEMAN, L. M., MANDERS, K., AND MILLER, G. L. 1977. On taking roots in finite fields. In Proceedings of the 18th Annual Symposium on Foundations of Computer Science. IEEE, New York, pp. 175-178.

[4]

ADLEMAN, L. M., POMERANCE, C., AND RUMELY, R. 1983. On distinguishing prime numbers from composite numbers. Ann. Math. 117, 173-206.

[5]

ATKIN, A. O.L. 1986a. Schoof's algorithm. Manuscript.

[6]

ATKIN, A. O.L. 1986b. Manuscript.

[7]

ATKIN, A. O.L. 1988. The number of points on an elliptic curve modulo a prime. Manuscript.

[8]

ATKIN, A. O.L. 1992. The number of points on an elliptic curve modulo a prime (II). Manuscript.

[9]

ATKIN, A. O. L., AND MORAIN, f. 1993. Elliptic curves and primality proving. Math. Comput. 61, 203 (July), 29-68.

[10]

BOSMA, W. 1985. Primality testing using elliptic curves. Tech. Rep. 8512. Math. Instituut, Univ. Amsterdam, Amsterdam, The Netherlands.

[11]

BOSMA, W., AND VAN DER HULST, M.P. 1990. Faster primality testing. In Proceedings of EUROC- RYPT '89. Lecture Notes in Computer Science, vol. 434. Springer-Verlag, New York, pp. 652-656.

[12]

BRILLHART, J., LEHMER, D. H., AND SELFRIDGE, J.L. 1975. New primality criteria and factorizations of 2m + 1. Math. Comput. 29, 130, 620-647.

[13]

BRILLHART, J., LEHMER, D. H., SELFRIDGE, J. L., TUCKERMAN, B., AND WAGSTAFF, JR., S.S. 1988. Factorizations of b" + 1; b = 2, 3, 5, 6, 7, 10, 11, 12 up to high powers. Cont. Math. 2, 22.

[14]

CHUDNOVSKY, D., AND CHUDNOVSKY, G. 1986. Sequences of numbers generated by addition in formal groups and new primality and factorization tests. Adv. App. Math. 7.

[15]

COHEN, H., AND LENSTRA, JR., H.W. 1984. Primality testing and Jacobi sums. Math. Comput. 42.

[16]

ELKmS, N.D. 1991. Explicit isogenies. Manuscript.

[17]

ELKmS, N. D. 1998. Elliptic and modular curves over finite fields and related computational issues. In Computational Perspectives on Number Theory: Proceedings of a Conference in Honor of A. O. L. Atkins, D. A. Buell and J. T. Teitelbaum, eds. AMS/IP Studies in Advanced Mathematics, vol. 7. American Mathematics Society, Providence, R. I., pp. 21-76.

[18]

GOLDWASSER, S., AND KILIAN, J. 1986. Almost all primes can be quickly certified. In Proceedings of the 18th Annual ACM Symposium on Theory of Computing (Berkeley, Calif., May 28-30). ACM, New York, pp. 316-329.

[19]

HEATH-BROWN, D.R. 1978. The differences between consecutive primes. J. London Math. Soc. 2, 18, 7-13.

[20]

I#ALTOFEN, E., VALENTE, T., AND YUI, N. 1989. An improved Las Vegas primality test. In Proceedings of the ACM-SIGSAM 1989 International Symposium on Symbolic and Algebraic Computation (ISSAC '89) (Portland, Ore., July 17-19), Gilt Gonnet, ed. ACM, New York, pp. 26-33.

[21]

KILIAN, J. 1990. Uses of Randomness in Algorithms and Protocols. MIT Press, Cambridge, Mass.

[22]

KONYAGIN, S., AND POMERANCE, C. 1997. On primes recognizable in deterministic polynomial time. In The Mathematics of Paul Erd6s, R. Graham and J. Negetfil, eds. Springer-Verlag, New York, pp. 177-198.

[23]

LENSTRA, JR., H.W. 1987. Factoring, integers with elliptic curves. Ann. Math. 126, 649-673.

[24]

LENSTRA, A., AND LENSTRA, JR., H.W. 1987. Algorithms in number theory. Tech. Rep. 87-008. Univ. Chicago, Chicago, Ill.

[25]

LENSTRA, JR., H. W., PILA, J., AND POMERANCE, C. 1993. A hyperelliptic smoothness test, I. Philos. Trans. Roy Soc. London Ser. A 345, 397-408.

[26]

LENSTRA, JR., H. W., PILA, J., AND POMERANCE, C. 1999. A hyperelliptic smoothness test, II. Manuscript.

[27]

LENSTRA, JR., H. W., PILA, J., AND POMERANCE, C. 1999. A hyperelliptic smoothness test, III. To appear.

[28]

MIHAILESCU, P. 1994. Cyclotomy primality proving--Recent developments. In Proceedings of the 3rd International Algorithmic Number Theory Symposium (ANTS). Lecture Notes in Computer Science, vol. 877. Springer-Verlag, New York, pp. 95-110.

[29]

MILLER, G.L. 1976. Riemann's hypothesis and test for primality. J. Comput. Syst. Sci. 13, 300-317.

[30]

MORAIN, F. 1990. Courbes elliptques et tests de primalit6. Ph.D. dissertation. Univ. Claude Bernard-Lyon I.

[31]

MORAIN, F. 1995. Calcul de nombre de points sur une courbe elliptique dans un corps fini: Aspects algorithmiques. J. Th#or. Nombres Bordeaux 7, 255-282.

[32]

PINTZ, J., STEIGER, W., AND SZEMEREDI, E. 1989. Infinite sets of primes with fast primality tests and quick generation of large primes. Math. Comput. 53, 187, 399-406.

[33]

POMERANCE, C. 1987. Very short primality proofs. Math. Comput. 48, 177, 315-322.

[34]

PRATT, V.R. 1975. Every prime has a succinct certificate. SIAM J. Comput. 4, 3, 214-220.

[35]

RABIN, M. 1980. Probabilistic algorithms for testing primality. J. Numb. Theory 12, 128-138.

[36]

SCHOOF, R. 1985. Elliptic curves over finite fields and the computation of square roots modulo p. Math. Comput. 44, 483-494.

[37]

SCHOOF, R. 1995. Counting points on elliptic curves over finite fields. J. Th#or. Nombres. Bordeaux 7, 219-254.

[38]

SILVERMAN, J. 1986. The arithmetic of elliptic curves. In Graduate Texts in Mathematics, vol. 106. Springer-Verlag, New York.

[39]

SOLOVAY, R., AND STRASSEN, V. 1977. A fast Monte-Carlo test for primality. SIAM J. Comput. 6, 1, 84-85.

[40]

TATE, J. 1974. The arithmetic of elliptic curves. Invent. Math. 23, 179-206.

[41]

WILLIAMS, H.C. 1978. Primality testing on a computer. Ars. Combinat. 5, 127-185.

[42]

WUNDERLICH, M. C. 1983. A performance analysis of a simple prime-testing algorithm. Math. Comput. 40, 162, 709-714.

Cited By

Valluri M(2021)Combinatorial primality testACM Communications in Computer Algebra10.1145/3465002.346500454:4(129-133)Online publication date: 10-May-2021
https://dl.acm.org/doi/10.1145/3465002.3465004
Goldreich O(2019)On some noncryptographic works of Goldwasser and MicaliProviding Sound Foundations for Cryptography10.1145/3335741.3335761(527-542)Online publication date: 4-Oct-2019
https://dl.acm.org/doi/10.1145/3335741.3335761
Wu LCai HEmrouznejad AQian Z(2018)The Periodicity of Fibonacci Sequence Modulo a Prime and Its Application in Primality TestingProceedings of the 2nd International Conference on Computer Science and Application Engineering10.1145/3207677.3278049(1-5)Online publication date: 22-Oct-2018
https://dl.acm.org/doi/10.1145/3207677.3278049
Show More Cited By

Index Terms

Primality testing using elliptic curves
1. Mathematics of computing
  1. Mathematical analysis
    1. Numerical analysis
2. Theory of computation
  1. Design and analysis of algorithms
  2. Models of computation

Recommendations

Differential addition on binary elliptic curves
Abstract
This paper presents new and fast differential addition (i.e., the addition of two points with the known difference) and doubling formulas, as the core step in Montgomery scalar multiplication, for various forms of elliptic curves over ...
Highlights
- Differential addition and doubling formulas.
- Efficient arithmetic on elliptic ...
On the completeness of certain n-tracks arising from elliptic curves

Complete n-tracks in PG(N,q) and non-extendable Near MDS codes of dimension N+1 over F"q are known to be equivalent objects. The best known lower bound for the maximum number of points of an n-track is attained by elliptic n-tracks, that is, n-tracks ...
Computing projective equivalences of planar curves birationally equivalent to elliptic and hyperelliptic curves▪
Abstract
We present algorithms to find the projective equivalences between two planar curves, birationally equivalent to either elliptic or hyperelliptic curves. The main idea, in both cases, is to find first a corresponding birational mapping ...
Graphical abstract
Highlights
- Projective equivalences between planar curves birationally equivalent to elliptic or hyperelliptic curves

Comments

Information & Contributors

Information

Published In

cover image Journal of the ACM

Journal of the ACM Volume 46, Issue 4

July 1999

140 pages

ISSN:0004-5411

EISSN:1557-735X

DOI:10.1145/320211

Issue’s Table of Contents

Copyright © 1999 ACM.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 July 1999

Published in JACM Volume 46, Issue 4

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

25
Total Citations
View Citations
1,659
Total Downloads

Downloads (Last 12 months)102
Downloads (Last 6 weeks)8

Reflects downloads up to 10 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

Valluri M(2021)Combinatorial primality testACM Communications in Computer Algebra10.1145/3465002.346500454:4(129-133)Online publication date: 10-May-2021
https://dl.acm.org/doi/10.1145/3465002.3465004
Goldreich O(2019)On some noncryptographic works of Goldwasser and MicaliProviding Sound Foundations for Cryptography10.1145/3335741.3335761(527-542)Online publication date: 4-Oct-2019
https://dl.acm.org/doi/10.1145/3335741.3335761
Wu LCai HEmrouznejad AQian Z(2018)The Periodicity of Fibonacci Sequence Modulo a Prime and Its Application in Primality TestingProceedings of the 2nd International Conference on Computer Science and Application Engineering10.1145/3207677.3278049(1-5)Online publication date: 22-Oct-2018
https://dl.acm.org/doi/10.1145/3207677.3278049
Yan S(2017)Primality TestingComputational Number Theory and Modern Cryptography10.1002/9781118188606.ch3(159-190)Online publication date: 17-Mar-2017
https://doi.org/10.1002/9781118188606.ch3
Wu HLi CLi HDing JYao X(2016)An RSA Scheme based on Improved AKS Primality Testing AlgorithmMATEC Web of Conferences10.1051/matecconf/2016440103244(01032)Online publication date: 8-Mar-2016
https://doi.org/10.1051/matecconf/20164401032
Hakuta K(2015)Metrics on the Sets of Nonsupersingular Elliptic Curves in Simplified Weierstrass Form over Finite Fields of Characteristic TwoInternational Journal of Mathematics and Mathematical Sciences10.1155/2015/5978492015(1-5)Online publication date: 2015
https://doi.org/10.1155/2015/597849
Aspnes JDiamadi ZYampolskiy AGjØsteen KPeralta R(2015)Spreading Alerts Quietly and the Subgroup Escape ProblemJournal of Cryptology10.1007/s00145-014-9181-128:4(796-819)Online publication date: 1-Oct-2015
https://dl.acm.org/doi/10.1007/s00145-014-9181-1
Silverberg A(2014)Some remarks on primality proving and elliptic curvesAdvances in Mathematics of Communications10.3934/amc.2014.8.4278:4(427-436)Online publication date: Nov-2014
https://doi.org/10.3934/amc.2014.8.427
Kuperberg G(2014) Knottedness is in , modulo GRH Advances in Mathematics10.1016/j.aim.2014.01.007256(493-506)Online publication date: May-2014
https://doi.org/10.1016/j.aim.2014.01.007
Fortnow LHomer S(2014)Computational ComplexityComputational Logic10.1016/B978-0-444-51624-4.50011-3(495-521)Online publication date: 2014
https://doi.org/10.1016/B978-0-444-51624-4.50011-3
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Media

Figures

Other

Tables

View Issue’s Table of Contents