private void GeneratePrimes(out PrimeNumber p, out PrimeNumber q)
{
p = new PrimeNumber();
q = new PrimeNumber();
mpz_t numMin = ((mpz_t)2).Power((BitLength / 2) - 1);
mpz_t numMax = ((mpz_t)2).Power((BitLength / 2));
do
{
p.SetNumber(Generator.Random(numMin, numMin));
q.SetNumber(Generator.Random(numMin, numMax));
p.RabinMiller();
q.RabinMiller();
} while (mpz_t.Gcd(p.GetPrimeNumber() * q.GetPrimeNumber(), (p.GetPrimeNumber() - 1) * (q.GetPrimeNumber() - 1)) != 1);
}
public PaillierKey GenerateKey()
{
var p = new PrimeNumber();
var q = new PrimeNumber();
GeneratePrimes(out p, out q);
// lambda = lcm(p-1, q-1) = (p-1)*(q-1)/gcd(p-1, q-1)
var lambda = ((p.GetPrimeNumber() - 1) * (q.GetPrimeNumber() - 1)) /
mpz_t.Gcd(p.GetPrimeNumber() - 1, q.GetPrimeNumber() - 1);
var n = p.GetPrimeNumber() * q.GetPrimeNumber(); // n = p*q
var nsquare = n * n; // nsquare = n*n
mpz_t g;
do
{
// generate g, a random integer in Z*_{n^2}
g = RandomZStarNSquare(nsquare);
}
// verify g, the following must hold: gcd(L(g^lambda mod n^2), n) = 1, where L(u) = (u-1)/n
while (mpz_t.Gcd(g.PowerMod(lambda, nsquare).Subtract(1).Divide(n), n) != 1);
// mu = (L(g^lambda mod n^2))^{-1} mod n, where L(u) = (u-1)/n
var mu = g.PowerMod(lambda, nsquare).Subtract(1).Divide(n).InvertMod(n);
var key = new PaillierKey
{
N = n,
G = g,
Lambda = lambda,
Mu = mu
};
return(key);
}