Generating strong prime numbers for RSA using probabilistic Rabin-Miller algorithm

An integer p > 1 is called a prime number in case there is no divisor d of p satisfying 1 < d < p. If
an integer a > 1 is not a prime, it is called a composite number.
Characteristics of primes

Every integer n greater than 1 can be expressed as a product of primes (with perhaps only one
factor).

There are arbitrarily large gaps in the series of primes.

The number of primes is infinite. That is, there is no end to the sequence of primes.

The factoring of any integer n > 1 into primes is unique apart from the order of the prime
factors.

The RSA cryptographic algorithm uses a lot of prime numbers in generating its keys. These keys
in turn will hold the strength of the encryption. In this paper I will discuss how a large number of
large primes can be generated.
Public-key algorithms need prime numbers. Any reasonably sized network needs lots of them.
Before discussing the mathematics of prime number generation, some of common questions are
answered.
1.If everyone needs a different prime number, wont we run out? No. In fact, there are
approximately 10151 primes 512-bits in length or less. For numbers near n, the probability that a
random number is prime is approximately one in ln n. So the total number of primes less that n is
n/(ln n).
2.What if two people accidentally pick up the same prime number? It wont happen. With over
10151 prime numbers to choose from, the odds of that happening are significantly less than the
odds of your computer spontaneously combusting at the exact moment you win the lottery.
3.If someone creates a database of all primes, wont he be able to use that database to break
public-key algorithms? Yes, but he cant do it. If you could store one gigabyte of information on
a drive weighing one gram, then a list of just the 512-bit primes would weight so much that it
would exceed the Chandrasekhar limit and collapse into a black hole &ldots; so you couldnt
retrieve the data anyway.
There are several probabilistic primality tests; tests that determine whether a number is prime
with a given degree of confidence. Assuming this "degree of confidence" is large enough, these
sorts of tests are good enough.
Various probabilistic primality-testing algorithms include:

Rabin-Miller Test
Lucas-Lehmer Algorithm
Fermats Test

Frobenius-Grantham

The algorithm everyone uses was developed by Michael Rabin, based in part on Gary Millers
ideas. Actually, this is a simplified version of the algorithm recommended in the DSS proposal.
Therefore, we start out with Rabin-Miller algorithm.

Rabin Miller Algorithm

Rabin-Miller algorithm has following characteristics

Uses exponentiations mod p to declare that p is probably prime

Each iteration has worst case failure rate of ()^c
For randomly selected large numbers this failure rate is much lower
One can construct numbers which achieve worst case

Algorithm
Input : an odd integer n >= 3 and number of iterations t >= 1
Output : Prime or Composite
1. Write n 1 = 2sr such that r is odd
2. For i from 1 to t do the following
2.1 Choose a random integer a, 2<= a <= n-2
2.2 Compute y = ar mod n
2.3 If y != 1 and y!= n 1
j=1
While j<= s-1 and y != n 1
Compute y = y2 mod n
If y = 1 then return (Composite)
j=j+1
if y ! = n 1 then return (Composite)
3. Return Prime
Class named RabinMiller with constructor of form MillerRabin(BigInteger n, int t) has been used
for experiment. This class expects arbitrary long precision number and number of iterations t.
We then use method isPrime() to see if this number is a probable prime.
The Rabin-Miller Probabilistic Primality Test Proof
Fermats Little Theorem. Let be prime and suppose a.( does not divide a) Then
a-1 1 (mod )
This is a generalization of the Chinese Hypothesis and a special case of Eulers Theorem
Euclids Lemma. Let be prime and suppose | ab. Then either | a or | b.
Now we can outline a development which leads to Millers Test for compositeness.
By Fermats Little Theorem, if is an odd prime and | b, then
b-1 1 (mod )
Since -1 is even,
| (b(-1)/2 1) (b(-1)/2 + 1)
By Euclids Lemma,
b(-1)/2 1 (mod )
If (-1)/2 is even and b(-1)/2 1 (mod ), then we know that
b(-1)/4 1 (mod )
We can repeat this until (-1)/2k is odd or b(-1)/2^k - 1 (mod ) for some k.

Millers Test. Let n 1 = 2rm where r 1 and m is odd. Let gcd(b, n) = 1.

If either bm (mod n) or b2^k - 1 (mod n) for some k r, then, we say that n passes Millers
Test to base b.
All primes p pass Miller's Test for 1<b<p, and if p fails Miller's test in this interval, then n has to
be composite. However, composites can pass Miller's Test for some values of b. It can also be
shown that if n is an odd composite, then n passes Miller's Test for at most (n-1)/4 bases b with
1<b<n-1. This therefore could be turned into a deterministic test if we are willing to do
(n-1)/4+1 iterations.
Experiment
1. We first find probable primes that pass 20 iteration of Rabin-Miller test. We use them as test
vectors to measure time it takes
2. Perform Miller Rabin test on these test vectors using 10 and 20 iterations
Size of Number( in bits )
130
512
1024
2048

10 Iterations
0.05 sec
0.9 sec
8.8 sec
45 sec

20 Iterations
0.083 sec
1.7 sec
17 sec
90 sec

As we can see, time it takes to test for primality is proportional to the number of iterations. In
addition, as we increase the number of bits, the time it took for the algorithm increased
substantially.
Originally, random number was generated and time was measured to compare the time it took for
different number of iterations. However, test result indicated that the time it took was very close.
As the result was examined, it was noted that most numbers that was generated at random was a
Composite number; therefore, number of iterations didnt matter much(cause it always got
reject in first few iteration). Thus, in this case, we used numbers that we knew were Probable
Prime numbers to compare the time.

Lucas Test(Lucas Pseduoprimes)

We state that a number passes Lucas Test with parameter (P,Q) if it passes the algorithm
illustrated below with p and q satisfies D = p2 4q. Here we used Lucas Test with parameter
Lucas(1, Q). D is determined by finding a number that satisfies (D/n) = -1 in {5, -7, 9, -11, 13, 15, 17. } Although theoretically, we can spend infinite time looking for D that satisfies this(as
with n = 9), based on the experiment, we found out that D is mostly single or two decimal
digits(most of time, D is in {5, -7, 9, -11, -13, 15, -17, 19} Therefore, time spent looking for D
was not significant.
Input:
n large odd number tested for primality,
Output:
composite or probably prime
Operations:
1. Find first d in the sequence {5, 7, 9, 11, 13, 15, 17, } such that the Jacobi symbol (d/n)
= 1.
2. Set p:=1, q:=(1d)/4.
If un+1 = 0 mod n, then n is probably prime. To compute uk, where k=n+1 you need to perform
the following operations.
3. Set d=(p2 4q) = 1 4q
4. Let kr kr-1k0 denote the binary representation of k
5. Set u=1 and v:=p
6. For i:=r1 to 0 do
6.1 Set (u, v) = (uv mod n, (v2+du2)*2-1 mod n)
6.2 If ki = 1 do
(u, v) = ((pu+v)* 2-1 mod n, (pv+du)* 2-1 mod n)
7. uk=u, vk = v
8. If uk = 0 mod n return probably prime,
otherwise return composite.

Experiment
Size of Number( in bits )
130
512
1024
2048

Lucas Test
0.125 sec
0.6 sec
5 sec
35 sec

When we applied Lucas Test to our test vectors that passed 20 iterations of Miller-Rabin, some of
them were determined to be Composites. Here we show some list of 1024 bit numbers that
passed Miller-Rabin(20 iterations) but didnt pass Lucas Test.
943663967303341733831073530494149595215288153105481870301659362295789602095234
218089124597953290352035102845761871600763866437004412165477329142505789342618

915108271402670435920072251607983489136394725647150554452015124613593594887954
27875530231001298552452230535485049737222714000227878890892901228389026881
138028649176899647846076023812164793645371887571371559091892986639999096471811
910222267538577825033963552683101137782650479906670021895135954212738694784814
783986671046107023185842481502719762055887490765764329237651328922972514308635
045190654896041748716218441926626988737664133219271115413563418353821396401
123301261697053560451930527879636974557474268923771832437126939266601921428796
348203611050423256894847735769138870460373141723679005090549101566289920247264
982095246187318303659027201708559916949810035265951104246512008259674244307851
578647894027803356820480862664695522389066327012330793517771435385653616841
119432521682023078841121052226157857003721669633106050345198988740042219728400
958282159638484144822421840470442893056822510584029066504295892189315912923804
894933736660559950053226576719285711831138657839435060908151231090715952576998
400120335346005544083959311246562842277496260598128781581003807229557518839
132082885240291678440073580124226578272473600569147812319294626601995619845059
779715619475871419551319029519794232989255381829366374647864619189704922722431
776563860747714706040922215308646535910589305924065089149684429555813953571007
126408164577035854428632242206880193165045777949624510896312005014225526731
153410708946188157980279532372610756837706984448408515364579602515073276538040
155990230789600191915021209039203172105094957316552912585741177975853552299222
501069267567888742458519569317286299134843250075228359900070009684517875782331
709619287588451883575354340318132216817231993558066067063143257425853927599
103130593592068072608023213244858971741946977638988649427937324034014356815504
971087381663169829571046157738503075005527471064224791270584831779395959349442
093395294980019731027051356344056416276026592333932610954020105156667883269888
206386119513058400355612571198438511950152690467372712488391425876725831041
It is known that Lucas Test is independent of Miller-Rabin test. Therefore by combining these
two algorithms, we present a powerful algorithm in the next section that utilizes one iteration of
Miller-Rabin with Lucas Test.(we also noticed that if the number passed a single iterations of
Miller-Rabin, its most likely to pass more iterations of Miller-Rabin - > Increasing Miller-Rabin
increases worst case probability of error; however, in practice, Miller-Rabin yields substantially
better probability of error(than worst case error) and each subsequent iteration improves the
algorithm moderately)

Lucas-Lehmer Test
Pomerance, Selfridge and Wagstaff have proposed a test, based on a combination of the Strong
Probable Prime Test and the Lucas Probable Test, that seems very powerful. Indeed, nobody yet
claimed the $620 that they offer for a composite that passes it, even though they have relaxed the
conditions of the offer so that the Probable Prime Test no longer need be Strong. In this
section, we present a test that combines Probable Prime Test(Miller Rabin test) and the Lucas
Probable Test.
MillerRabin test = new MillerRabin(a, 1);
if (test.isPrime() == true) {
lt = new LucasTest(a);
if (lt.isPrime()) System.out.println("prime1");
}
We measure a time taken by applying a single iteration of Miller-Rabin followed by Lucas Test.

Size of Number( in bits )

130
512
1024
2048

Lucas-Lehmer Test
0.125 sec
0.72 sec
6.12 sec
40 sec

Grantham-Frobenius
This is a test based on Frobenius pseudoprimes developed by Grantham which is passed by
Composite Numbers with probability at most 1/7710. Algorithm is presented below.
1. Choose pairs (b,c) at random with 1<= b, c < n until one is found with (b2+4c / n ) = -1and
(-c/n) = 1, or with gcd(b2+4c, n), gcd(b,n) or gcd(c,n) a notrivial divisor of n. If latter case occurs
before the f ormer, declare n to be composite and stop. If after B pairs are tested, none is found
satisfying the above conditions, declare n to be a probable prime and stop(we need to do this
since we cant declare prime as composite at any case)
2. Perform Quadratic Frobenius Test
1) Test n for divisibility by primes less than or equal to min {B, n^0.5}. If it is divisible by one
of these primes, declare n to be composite and stop
2) Test whether n^0.5 . If it is declare n to be composite and stop
3) Compute x^(n+1 / 2) mod (n, x2 bx c). If x^(n+1 /2) /n, declare n to be composite
and stop
4) Compute x^(n+1) mod (n, x2 bx c). If x^(n+1) != - c, declare n to be composite and stop
2^j*s
!= -1 mod (n,x2 bx
5) Let n2 1 = 2rs, where s is odd. If x != 1 mod(n, x2 bx c), and x
c) for all 0 <= j <= r-2, declare n to be composite and stop.
3. If n is not declared composite in Steps 1-5, declare n to be a probable prime.

Generating Prime Numbers

To generate n-bit prime, we first generate a random number of n-bit( 2^n+1 < x < 2^n ). Starting
from that point, we implement either a sequential or random search. Here we present a sequential
approach.
Algorithm consists of following
1. Generate an odd random number of n-bit
x = one.shiftLeft( n ) // x = 2^n
//generate random number uniformly distributed on [0, 2**numBits - 1]
rand_num = new BigInteger( n, rndSrc)
x = x.add(rand_num)
//make sure its an odd number
if (x.testBit(0))
//ok
else
x = x.add( one )
2. Test for Primality
3. If not prime, increment by two(or by random even number) and test for primality again
For primes of bit length n, mean gap distance is just ln(2^n) = n ln(2)
Therefore on the average, for exhaustive search of odd numbers between two primes n* ln(2).
But we note that since our starting point is random, we assume that on the average, we land in the
middle of two primes. Therefore, we need to check n*ln(2)/2 numbers on the average.
Here we do an experiment for 130, 256, 512, and 1024 bits
Number of Tests required(Theoretical)
n = 256
n = 512
n = 1024

89
178
355

bit(# of primes)
MillerRabin(20)
Lucas-Lehmer

256
Time
35
43

bit(20)
# Tested
1869
2488

512
Time
73
70

bit(2)
# Tested
742
742

1024
Time
420
850

bit(1)
# Tested
504
1175

Normalizing for single prime,

256 bit
512 bit
1024 bit
Time # Tested
Time
# Tested Time # Tested
MillerRabin(20)
1.75
94
36.5
371
210
504
Lucas-Lehmer
2.15
125
35
371
425
1175
* were we very unlucky?(theoretical states that we need to check substantially less numbers)

In the code, we have a fixed seed for Random number generator

Random rndSrc = new Random(5);
Therefore, each time we run the experiment, it generates same random number.
So, why theres a discrepancy in number of Numbers tested to find primes? For 256 and 1024 bit
cases, we see that Lucas-Lehmer requires more numbers. Since we are generating same random
number for each test(MillerRabin and Lucas-Lehmer), we conclude that some numbers that was
declared as probable prime by Miller-Rabin(20) was found to be Composite by Lucas-Lehmer,
thus yielding to more # Tested. Therefore, we can see that Lucas-Lehmer was more accurate than
Miller-Rabin(20)
Now, lets compare the speed of these algorithms. We know that Lucas-Lehmer is faster to test a
Prime number(that is if the number is a prime number); however, if a number was not declared a
Composite on the first iteration of Miller-Rabin, we perform Lucas Test for Lucas-Lehmer.
Lucas Test typically takes approximately time it takes for 6 iterations of Miller-Rabin. Therefore,
Time spent on Lucas-Lehmer test is equivalent to 7 iterations of Miller-Rabin.
However, as shown on the table, Lucas-Lehmer test was not necessarily faster. This is because if
a number is found to be composite less than two iterations of Miller-Rabin, we stop there.
Nevertheless, with Lucas-Lehmer test, if a number passes first iteration of Miller-Rabin, we
continue with Lucas Test, which takes about same time as 6 iterations of Miller-Rabin.
Therefore, actual speed depends on following factors.

1. Number of Composites that fail one iteration of Miller-Rabin

- This definitely will speed up both algorithms; however, it does not affect our comparison of
Lucas-Lehmer and Rabin-Miller.
2. Number of Composites that takes 2-5 iterations of Miller-Rabin before being declared
Composite
- if we have more numbers that falls in this category, clearly Miller-Rabin algorithm is better.
3. Number of Composites that takes more than 6 iterations of Miller-Rabin before being
declared Composite.
- in this case, Lucas-Lehmer is a better choice

PROJECT590 Finding Prime Numbers

class PROJECT590 {
final static int MillerRabin = 0;
final static int LucasLemer = 1;
public static void main( String argv[] ) {
int bitLength = 256;
int typeOfMethod = LucasLemer;
int mrIteration = 20;
int count = 0, i = 0;
int numPrimes = 20;
// make this random deterministic so that repeated experiment
// yields same result
Random rndSrc = new Random(5);
BigInteger one = new BigInteger("1"), two = new BigInteger("2");
BigInteger x, rand_num, start;
MillerRabin MR;
LucasTest LT;
start = one.shiftLeft( bitLength ); //start = 2^n
while (count <= numPrimes ) {
rand_num = new BigInteger( bitLength, rndSrc);
x = start.add(rand_num);
if (!x.testBit(0)) x = x.add( one );
// now look for primes
while (true) {
if (typeOfMethod == MillerRabin) {
i++;
MR = new MillerRabin( x, mrIteration );
if (MR.isPrime() ) {
//System.out.println(x.toString() + " is a prime");
break;
}
}
else {
i++;
MR = new MillerRabin( x, 1 );
if (MR.isPrime()) {
LT = new LucasTest( x );
if (LT.isPrime()) {
//System.out.println(x.toString() + " is a prime");
break;

}
}
}
x = x.add( two );
}
count ++;
}
System.out.println(i + " number tested to find " + numPrimes + " primes ");
}

Miller Rabin Test

import java.math.*;
import java.util.*;
class MillerRabin {
final int COMPOSITE = 0, PRIME = 1;
final BigInteger _one = new BigInteger("1");
BigInteger testVector;
BigInteger _r;
int _s;
private int _isPrime;
/**
* constructs a class MillerRabin with a number to be tested with iteration
*/
public MillerRabin(BigInteger n, int t) {
int result;
testVector = n;
result = start(n, t);
_isPrime = result;
}
/**
* getNumber() returns number that is tested using MillerRabin
*/
public BigInteger getNumber() {
return testVector;
}
protected int start(BigInteger n, int t) {
BigInteger y, n_minus_one, a, r;
int i, j;
int s;
findS_R( n );
// n - 1 = 2^r x s
s = _s;
r = _r;
y = new BigInteger("0");
n_minus_one = n.subtract( _one );
for (i=1;i<=t;i++) {
//pick a;

//creates odd big integer {2,....,n-1)

a = createOddBigInteger( n );
y = a.modPow(r, n);
if ( !(y.intValue() == 1) && !(y.equals(n_minus_one)) ) {
j = 1;
while ( (j<= s-1) && !(y.equals(n_minus_one)) ) {
y = y.multiply(y);
y = y.mod(n);
if (y.intValue() == 1) return COMPOSITE;
j++;
}
if ( !(y.equals( n_minus_one)) ) return COMPOSITE;
}
}
return PRIME;
}
/**
* isPrime() returns true if probable prime
* else it returns false
*/
public boolean isPrime() {
if (_isPrime == PRIME)
return true;
else
return false;
}
public BigInteger createOddBigInteger( BigInteger n) {
BigInteger result = new BigInteger("0");
int numBits;
boolean isOdd = false;
Random rndSrc = new Random();
numBits = n.bitLength();
while (!isOdd) {
result = new BigInteger(numBits, rndSrc);
// Make sure it's an odd number
if (result.getLowestSetBit() == 0)
//make sure it's greater than 2 and less than n
if ( (result.longValue() > 2) && (result.compareTo(n) == -1) )
isOdd = true;
}
return result;
}

protected void findS_R( BigInteger n) {

// temp = n-1
BigInteger temp = n.subtract(_one);
int length, i;
length = temp.bitLength();
// ex.1011100 i = 2
i = temp.getLowestSetBit();

//should be true all the time as long as it's even number

if (i<1) {
System.out.println("huh: " + temp.toString());
System.out.println("Critical Error, \nn is not an even number");
}
_s = i;
// ex. i = 2, r = 10111
_r = temp.shiftRight(i);
}

Lucas Test
import java.math.*;
class LucasTest {
final int COMPOSITE = 0, PRIME = 1;
final BigInteger _zero = new BigInteger("0");
final BigInteger _one = new BigInteger("1");
final BigInteger _two = new BigInteger("2");
final BigInteger _three = new BigInteger("3");
final BigInteger _four = new BigInteger("4");
final BigInteger _five = new BigInteger("5");
final BigInteger _seven = new BigInteger("7");
final BigInteger _eight = new BigInteger("8");
final BigInteger _negativeOne = new BigInteger("-1");
BigInteger _u, _v, testVector;
boolean _isPrime;
public LucasTest() {
}
/**
* returns number being tested
*/
public BigInteger getNumber() {
return testVector;
}

public LucasTest(BigInteger n) {
BigInteger d, p, q, one, four, temp;
int result;
testVector = n;
d = findValueOfD( n );
System.out.println("d = " + d.toString());
q = new BigInteger("0");
p = new BigInteger("1");
//q = 1-d/4
q = q.subtract(d);
q = q.divide( _four );
d = p.multiply(p);
temp = q.multiply(_four);

d = d.subtract(temp);
result = findUk(p,q,d,n);
if (result == COMPOSITE )
_isPrime = false;
else
_isPrime = true;
}
/**
* isPrime() returns true if it passes Lucas test
* otherwise, returns false
*/
public boolean isPrime() {
return _isPrime;
}
protected BigInteger findValueOfD(BigInteger n) {
int i = 1;
Integer candidate = new Integer(5);
BigInteger d;
BigInteger temp;
//generate candidate d
d = new BigInteger( candidate.toString() );
while ( true ) {
temp = findJacobi3(d, n);
if (temp.intValue() == -1) {
return d;
}
i = i*(-1);
candidate = new Integer( (candidate.intValue()*i*(-1) + 2) * i );
d = new BigInteger( candidate.toString() );
}
}
protected int findUk(BigInteger p, BigInteger q, BigInteger d, BigInteger n) {
BigInteger u, v, temp, k;
int r, i;
k = n.add(_one);
r = k.bitLength();
// u =1, v = p
u = new BigInteger("1");
v = new BigInteger("0");
v = v.add(p);
//System.out.println("u = " + u.toString());
//System.out.println("v = " + v.toString());

_u = u;
_v = v;
for(i=r-2; i >= 0; i--) {
setUV( d, p, n);
if (k.testBit(i)) {
setUV2(d, p, n);
}
}
u = _u;
v = _v;
temp = u.mod(n);
if (temp.intValue() == 0)
return PRIME;
else
return COMPOSITE;
}

protected void setUV( BigInteger d, BigInteger p, BigInteger n ) {

BigInteger u, v, u_o, v_o, temp, invTwo;
invTwo = _two.modInverse( n );
u = _u;
v = _v;
// Save original values
u_o = new BigInteger("0");
v_o = new BigInteger("0");
u_o = u_o.add(u);
v_o = v_o.add(v);
u = u.multiply(v);
u = u.mod(n);
v = v.multiply(v);
temp = d.multiply(u_o);
temp = temp.multiply(u_o);
temp = temp.add(v);
temp = temp.multiply( invTwo );
v = temp.mod(n);
_u = u;
_v = v;
}

protected void setUV2( BigInteger d, BigInteger p, BigInteger n ) {

BigInteger u, v, u_o, v_o, temp, invTwo;
invTwo = _two.modInverse( n );
u = _u;
v = _v;
// Save original values
u_o = new BigInteger("0");
v_o = new BigInteger("0");
u_o = u_o.add(u);
v_o = v_o.add(v);
u = u.multiply(p);
u = u.add(v_o);
u = u.multiply( invTwo );
u = u.mod(n);
v = v.multiply(p);
temp = d.multiply(u_o);
temp = temp.add(v);
temp = temp.multiply( invTwo );
v = temp.mod(n);
_u = u;
_v = v;
}
public BigInteger findJacobi3(BigInteger a, BigInteger n) {
BigInteger j;
BigInteger x, y, temp;
temp = a.gcd(n);
if (a.gcd(n).intValue() > 1) {
return _zero;
}
j = _one;
x = a;
y = n;
while (true) {
temp = y.abs();
x = x.mod(temp);
temp = y.divide(_two);
if ( x.compareTo(temp) == 1) {

x = y.subtract(x);
if (y.mod(_four).intValue() == 3) {
j = j.negate();
}
}
while (true) {
if (x.remainder(_four).intValue() == 0) {
x = x.divide(_four);
}
else
break;
}
if (x.testBit(0) == false) {
x = x.shiftRight(1);
if ( (y.mod(_eight).intValue() == 3) || (y.mod(_eight).intValue()
== 5) ) {
j = j.negate();
}
}
if (x.intValue() == 1)
return j;
if ( (x.mod(_four).intValue() == 3) && (y.mod(_four).intValue() == 3) ) {
j = j.negate();
}
temp = x;
x = y;
y = temp;
}
}

public BigInteger findJacobi2(BigInteger a, BigInteger n) {

BigInteger j;
BigInteger temp, temp1, temp2;
j = _one;
while (a.intValue() != 0) {
temp = a.mod(_two);
while (temp.intValue()==0) {
a = a.divide(_two);
temp1 = n.mod(_eight);
temp = a.mod(_two);

if ( (temp1.compareTo( _three ) == 0 ) || (temp1.compareTo( _five ) ==0 ) )

j = j.negate();
}
temp = a;
a = n;
n = temp;
temp1 = a.mod(_four);
temp2 = n.mod(_four);
if ( ( temp1.intValue() == 3 ) && (temp2.intValue() == 3) )
j = j.negate();
a = a.mod( n.abs() );
}
if (n.intValue() == 1)
return (j);
else
return(_zero);
}
}

Test Vectors for 130 bit

1200161307614228132587124344911319888847
1217061394045440770272863028410128226539
921108606988933429616620315810400467517
853317530370104012409598527522730700651
680852455832286412234959266339294171989
755874721613680868350375580762472058163
708845233379365237138514321248709595271
970579120976007047606697988455111051307
1078975318520442677247975877914475852561
1320667565651395872386562961365612402689
718325227243164098105241005534129831503
1346998127308036333796416179976314235187
1210728443503156319623535316310907871307
1284329995011366362345904345674796615737
1131332641316196878738236781313416166959
683296805990847812802122333425096120853
1092286847468566817841840658247701405267

Test Vectors for 512 bit

13406018485852718226105106124561910107966927832831693505223898685801514051846334874516
118119778712573563396252651144805452658527087252412378186210574513123
11110430765698277397232281375065147003250781009141881192433209450406066052913879569977
997867646934782509208259688325961015654276900869681595895040697716077
11806612758985307653174860307043541727168872169912880085110125187188315008169041939158
990746195566961325482870206456960623985554829340010797727855517679577
76368104530370928941669763979323918295792552347649175734129694103347060681575840312688
26454733373678255348947228170666923745117283266045509961151462316057
82171087355476332489289453830727326259728100168728824109830952415403711946066296016313
22285074660331028910462762507189124859650982129406755093565061585947
12266764785165030162729387081296720993472143161693170466820779003275526416314273360003
136562218854060617421877794055575535782878699241474842871472870249733
11728828176947869125905969923079452166640964198014787150461606701830705115895087461910
819710471416920813507088644745902523556405575123057112934782264425687
77242370223737068975281247525279827689805491420383621463993732717430696633093986804006
27960976568698895965148815018532343322768141670920172192422524577977
67606369691620295186610369875538549719080504571945441058014561650112007764003636622421
24241874678420217535968762300086119980152984412283003045093077015403
11773872679029718988610133166785963818345256677642697567491661823113308097132227502935
278755471531324578518562811740666070019819047319989915500271226545367
88554761459086978459037373511360771253193849659630197463638266306904301941361246737261
85476477659359773159241087241671571856937283706143788223282514554017
79240521123629029869361761814817467954367793148449771642507048164227512994730667900560
60617415569300804004586971230569245975919083221020277131493149584291
92275948624727149808202698084428113934047304457338998404950033929249251889341223835305
85927483564546639889684956560842862607483759550793255865527242121281
75015925641876553211913684706373663824088585313399468735243316471290054066846813882206
00896913707458760041452877269085583130556114395631972053194867150397

TestVector for 1024 bit(5 vectors)

94366396730334173383107353049414959521528815310548187030165936229578960209523421808912
45979532903520351028457618716007638664370044121654773291425057893426189151082714026704
35920072251607983489136394725647150554452015124613593594887954278755302310012985524522
30535485049737222714000227878890892901228389026881
14104232639093549093354982621108447875169945136376872997477735559175907393036116352898
20809386404512851073393943115038890100844436388311711395270772237955440489449244451218
79647156884834769908268810030211770076290037462181390777337909091903142919610023579610
612355809815098951461960436805335178146468594497053
11360610111179306388223948010135385010447915110037709330181026893453973249232168998103
25672266226239571535232253286318810812416162122709432076004975446326607479365495524811
48466692479681327569567487876744209771481314457618208860179484415611981619594638107773
332491673281796678206353605333616952366511645578797
10822634146385481128564070409747600383328757987915507351632541215199296812089211097475
72616708814246479350189351081165670141412990089983437483806325938982080383943031173169
30792853237173668056388546970193755585997027783952123851174026560693740233106410211387
525683988797378505561609104502259722551424163822821
13198757658323907435178031542286139100586373319850218439084061786928969645380363964883
66834488484890443978228156539374292672029614303661153543788078182474076893164007732138
61885428867838814872547009946100126907624284479881920021341634731228098247065866684397
494312971820820784312389551449748365108896731559199

TestVector for 2048 bit(5 vectors)

22193271413026737908225156813220050145533382453698983118475999190643145336265614540013
36985846720293048796874766958401174796787296939326675089998163784991236421460825398914
76014525511071352741507660029294646990581006341539256878528501158808777962857723409378
47318871246930018265371044959866521410557237309053240503018327621833394443303312933640
78923011068687740075316187518739068733510360438596871285091513028571122457942566992568
74934300475706183989361921613289202732944676474640281186444660507931202480142049949931
26696355279474892053663804814577501315887149939113764192553616805726561624199213002716
059684540906949
28288418234046697528481136806967284502092316843704200704649623352155349072312609630868
85271049492907435683898524170518405879339292633441125348104703717405419550982118925336
34901320054528151073187983235839841774836011178372899420234092948814328181141082905970
00974520063126513362206871262898287433019886524870907397166189439254170221092390113893
73423325288612064898533160596110714156480914134561391860079190895868476482329858919570
95241318087083668826302266396995630436798612321778861387396921191637916422386234467061
04101322609379431884397829561714504041137590966064781440060176614594184983866305243154
179889735568497
17219460483763251778847637508172301586065461824572446337315073355226530777773807181263
78955660907451964569902524868883807672168203936252731497601080371321040897316168083782
66838250201024488989396062467524823115465051403548187574602424095987987572140711806148
71664182058967157393479905526762887156900138277266142493684891977179604464122151430180
75260334190364055083303826347021956169427029930180434067968074108685527850127150515931
94082961868818157464494358490379578440246748199606008423499201939980904483735873106214
04172013854294301133172651002988321812367533980697404811723031959214502523836192442148
818218852584543
29484157537848121250346198151032708092076062170182925934004584082311883882368797094163
93595227743424468454801348297008311813060337083169399439336968091937263366432155449122
43368506121440732356940798309452934680916202322476709212844991461134675129903381263714
57878185481471490397312128403521765806712419440704949150796098076809660793203380794307
30967959898903077051571431892431503200661287840849351910962103252707545842790169703467
74210211120965136320154340732112797663067362844416161282946246799081546723800789224390
72595780111344950617333669118866209468613772744204626002188343235302467350404671310031
933235065464987
24570655503854253483199253095297472205829110065137932349929197635791431104817306878549
39105215425039403791764124794433395017918255410653007864067965957485390742420734352871
78004252587449550714431621513899427726231665608614479990778198508701776895257628362077
04497018443865471253661943512155118664929306838159575880186389947176731183947235607201
47283674696809668508777127239896442267143450942045379252342871354268157854807091240438
35177863498442613702382394023723863954908833461096350740069068355182120205271068508726
62555928463020018146067254240394873363721889615687626486016230122037470335967462409245
674828403490711