Elgamal implementation problems

Andrew Mattingly andrew_mattingly at au1.ibm.com
Sun May 1 13:19:01 CEST 2011

Hi Angelo,

I can see two problems with your eg_encryption routine (eg_decryption has 
no problems):

1.  you should be computing c2 = h^k * M mod p, not c2 = h^k * g^M mod p

2.  even if you disagree with point 1, you should take a modulus after the 
final multiplication,

ie. after:

  mpz_mul(cipherText->c2, tmp2, tmp);


  mpz_mod(cipherText->c2, cipherText->c2, publicKey->p);

Hope this helps.

Kind regards
Andrew Mattingly.

More information about the gmp-discuss mailing list