1. Field of the Invention
The present invention relates to a method of generating pseudo-random-numbers and an apparatus therefor.
2. Description of the Related Art
In order to prevent a third party from eavesdropping information transmitted via a communications system such as telephones, modems, televisions, etc., it is known in the art to encipher the information to be transmitted by adding pseudo-random-numbers to the information using a logic function of exclusive-or.
Two cryptographic techniques are known in the art: one is conventional cryptography wherein an identical key is used for both encipherment and decipherment, and the other is public-key cryptography in which different keys are utilized for encipherment and decipherment. Among these, with the pubic-key cryptosystem, it is no longer required to previously deliver a key before data transmission thereby to be capable of saving time, and further, it is easy to keep or manage the key because the keeping of key is done at a receiver side.
In accordance with the public-key cryptography, the receiver side deciphers the information using a secret key that is typically a prime number whose digits ranges from several hundreds to several thousands of bits. Therefore, it is important how to efficiently generate such a large prime number at random.
There is no formula for generating such a prime number. Accordingly, when generating a prime number with a predetermined number of bits, an integer with the predetermined number of bits is generated at random, after which a check is made to determine if the integer is a prime number. These operations are iterated until a prime number is obtained. However, a lot of calculations are necessary to decide whether or not the number is a prime one and thus, in order to overcome this problem, a conventional technique does not generate at random the integers each having the predetermined bits. That is, in order to same a time, an integer, which exhibits a higher possibility of being a prime number, is generated. Subsequently, a check is made as to whether the integer is a prime number.
FIG. 1 is a flow chart which includes steps for generating a prime number candidate in accordance with the prior art. As shown in this figure, at step 410, an integer X (pseudo-random-number) of n-bit (n is a positive integer) is generated at random. If the integer is an even number, the integer is apparently not a prime number. Further, there is the case where the integer X is not n-bit because the most significant bit is zero. Therefore, at step 420, each of the most and least significant bits is rendered "1".
Subsequently, a positive integer j is rendered equal to 1 at step 430, after which a check is made to determine if X can be divided Pj. If X can be divided by Pj, the program goes to step 410. On the contrary, if X can not be divided by Pj, the routine goes to step 450 at which a check is made to determine if j=m. If j=m, the program is terminated. Otherwise (viz., if j.noteq.m), the routine proceeds to step 460 at which j=j+1. Thereafter, the program returns to step 440. In the above, m is a predetermined positive integer, and P.sub.1, P.sub.2, . . . , P.sub.m are small prime numbers which are different with each other.
If the integer X is generated in a manner mentioned above, the integer X does not have any of P.sub.1, P.sub.2, . . . , P.sub.m as a real prime divisor. Accordingly, the probability of the integer X being a prime number is higher than the case where an n-bit integer generated at random is a prime number. Thus, it is possible to effectively obtain a prime number having a predetermined number of bits.
By way of example, known techniques of generating a prime number and typical public-key cryptography, are disclosed in a book entitled "Applied Cryptography" by Bruce Schneier, second edition, published by John Wiley & Sons, Inc, 1996.
However, it is known in the art that, in accordance with the prime number theorem, the probability of a randomly generated n-bit integer being a prime number is in the order of about 1/n. As a result, with the conventional technique, it is necessary to randomly generate about "n" integers in order to obtain one prime number. As mentioned above, a secret key is a prime number as large as several hundreds to several thousands of bits. Thus, in order to obtain one secret key, it is necessary to generate integers several hundreds to several thousands times. Further, each time such an integer is generated, the integer is divided after which a check is made to determine if the integer can be divided by Pj. Consequently, with the conventional technique, a very large number of calculations are inevitable and hence, a lot of time is consumed until a prime number candidate. Further, hardware of divider is necessary with the attendant result of expensive apparatus.