Close to Uniform Prime Number Generation With Fewer Random Bits
This addresses the need for efficient and uniform prime generation in cryptography and number theory, offering incremental improvements over previous methods.
The paper tackles the problem of generating prime numbers with a distribution close to uniform while using fewer random bits, by analyzing variants of a method that picks numbers of the form a + t·q and updates t if primality fails; it proves these algorithms work under progressively weaker assumptions, from a strong conjecture to unconditional results.
In this paper, we analyze several variants of a simple method for generating prime numbers with fewer random bits. To generate a prime $p$ less than $x$, the basic idea is to fix a constant $q\propto x^{1-\varepsilon}$, pick a uniformly random $a<q$ coprime to $q$, and choose $p$ of the form $a+t\cdot q$, where only $t$ is updated if the primality test fails. We prove that variants of this approach provide prime generation algorithms requiring few random bits and whose output distribution is close to uniform, under less and less expensive assumptions: first a relatively strong conjecture by H.L. Montgomery, made precise by Friedlander and Granville; then the Extended Riemann Hypothesis; and finally fully unconditionally using the Barban-Davenport-Halberstam theorem. We argue that this approach has a number of desirable properties compared to previous algorithms.