This article is rated Stub-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects: | ||||||||||||||
|
Invalid method for finding a Schnorr group
editEmpirically, there is something wrong with the description given here, in particular when gcd(q,r)≠1. Take for example p=19, q=3 and r=6. This satisfies the description given in the article. There are many values of h which satisfy the selection criteria given here, yet none of these generate a group of order q=3. The only elements that generate a group of order q are 7 and 11, and these would be rejected. I do not know whether the definition of a Schnorr group excludes the cases where gcd(q,r)≠1, or whether it allows these but modifies the rules for finding a generator. (My guess would be the former.) In any event, the article must be corrected, but I can find no easily accessible reference to determine the correct definition. Quondum (talk) 18:08, 7 August 2011 (UTC)
- The article looks correct to me. It does not claim that h has order q. It claims that g = h^r mod p has order q. Clearly since q is prime and g^q mod p = 1 it follows that the order of g is either 1 or q, and since order 1 has been excluded by the given condition g must have order q. 83.79.24.244 (talk) 18:22, 7 August 2011 (UTC)
- Yes, my mistake - I was confusing h and hr mod p as a generator. Quondum (talk) 18:31, 7 August 2011 (UTC)
Sources?
editWhat was the publication in which Schnorr (or anybody eles) published Schnorr groups and this procedure of determining their parameters? --TrevorTrueman (talk) 19:29, 23 August 2019 (UTC)