I am trying to implement a partially blind signature scheme in Java from a paper. In equation (1), it requires two random elements r
and u
to be generated, which must be an element of Zn
.
r, u ∈ Zn
This is in an RSA scheme where the modulus n = p.q
.
I am not entirely sure how this may be achieved - do I just need to generate a random number, which is not divisible by p
nor q
? I assume this could be done using BigInteger
gcd
, but I am not sure this is correct.
So far, the parameters I have generated are as follows (with e
being a BigInteger
with a value of 3):
do {
p = BigInteger.probablePrime(bitlength, rnd);
q = BigInteger.probablePrime(bitlength, rnd);
n = p.multiply(q);
phi = p.subtract(BigInteger.ONE).multiply(q.subtract(BigInteger.ONE));
} while (phi.gcd(e).compareTo(BigInteger.ONE) > 0);
d = e.modInverse(phi);
I do not believe the value of phi
is relevant to this question, it is just part of my RSA parameter generation.
Ideally, there would be a library that can handle said generation of r, u
for me, but I have been unsuccessful finding any.