asciilifeform: what one ought to do instead, is to rngize the bottom Q bits, where Q is log2(estimated prime gap at the current bitness, times severalfold engineering margin)
asciilifeform: ( the koch method, of taking R and adding 2 to it until m-r says yes, trivially leaks )
asciilifeform: incidentally it can probably be shown that you don't have to throw out ALL of the bits in a candidate R, when it is not found to be prime, and still not leak anything
asciilifeform: i am probably doomed to make a pci version, because of this, at some point. but so far not urgent itch.
asciilifeform: theoretically one can connect an unlimited # of 'em to pc (in practice linux kernel starts behaving oddly when more than 7 serial devices, i found)
asciilifeform: and since i built the rng, i can also be quite certain that there is not such a prime that it will forever avoid generating.
asciilifeform: i can show that no 2 inputs will produce the same prime, trivially
asciilifeform: the random-rubbish followed by probabilistic test, satisfies this demand within the obvious limits of the test.
asciilifeform: i want a method, as stated above, where inputs map one-to-one and onto the primes, up to the register width.
asciilifeform: but as i currently understand, my q reduces to 'find The Formula For Primes' (tm)(r), a millennium-long headache for mathematical folx, to this day unsolved.
asciilifeform: if apeloyee knows a proof for this, i'll read
asciilifeform: i believe in the arithmetic, yes. but how to show that the two conditions i stated, hold ?
asciilifeform: in particular, gotta show that no two inputs will produce the same prime
asciilifeform: to have a satisfactory constructor, it would have to be shown to reduce to this and exactly this.
asciilifeform: i.e. a 1:1 pipe from random ints to large primes.
asciilifeform: let's model the ideal prime-shitter. it would be an item that takes integer N, of whatever bitness, and produces the Nth prime (or eggog if the Nth prime is bigger than the register bitness permitted.)
asciilifeform: apeloyee: propose a hypothetical how ?
asciilifeform: the other problem is that prime constructor proof may or may not fit-in-head. infineon's method probably seemed correct to various folx.
asciilifeform: the use of constructed primes, potentially amplifies small/temporary imperfections in the rng, into fatal
asciilifeform: 1 problem is that perfect uniform distrib and perfectly independent rng bits, cannot be shown to exist physically.
asciilifeform: it is not the same exact algo, no. but it is same from my pov, in that it is NOT the 'find b-bit random R and test for primality, potentially forever, until found prime'
asciilifeform: how is this not 'constructed prime' ?
asciilifeform: for 4096b rsa, use 4096b randomprime e; 2048b randomprime p, q.
asciilifeform: no reason to. not on ffa, at any rate.
asciilifeform: but mircea_popescu's original point was correct, you do NOT want a small d -- but neither do you want a small e, or obviously n, or ANYTHING small
asciilifeform: 'Further computations were consistent with the guess that p and q were being generated as powers of 65537 modulo L, where L was either the product of all primes through 691, or the product of all primes through 701.'
asciilifeform: any method of 'constructing' primes , rather than hunting for wild, is guilty until proven innocent of 1) constriction 2) bias
asciilifeform: 'This could even be a deliberate weakness with plausible deniability: "Oh, sorry, nobody warned us that 2 mod 11 was okay and 10 mod 11 wasn't."'
asciilifeform: as described on trilema and elsewhere, usd ain't money, it's 'money[*]', and the * typically includes 'cannot be spent on defense from usg'
asciilifeform: possibly gotta 1938 the wrong-chirality bluebloods who want to spend it in usg-unapproved ways (e.g. btc) ..?
asciilifeform: afaik 'anticorruption' only ever means 1 thing
asciilifeform: 'The conference was spearheaded by Crown Prince Mohammed bin Salman, who is pushing an ambitious reform plan that is aimed at reducing the country's dependence on oil over the next decade. The prince is also leading the anti-corruption committee that has the authority to investigate, arrest, issue travel bans and freeze the assets of those it finds corrupt.' << lol!
asciilifeform: this one clearly built as reusable item -- nipple valve
asciilifeform: i had nfi there were ( what appears to be ) off-the-shelf man-sized vacuum bag
asciilifeform: and on top of this, there is ~state~ level copy of same apparatus. e.g. in asciilifeform's local moneychangery, there is a placard, hanging in plain sight, re 'to cashiers: you MUST report all tx of 2k or larger, even if customer was regular for decades, by order of maryland something-or-other commission'
asciilifeform: the '10,000' thing also has an element of 'torbrowserism' -- to spread the notion, among the simple, that 'it has to be >10k to be seen'