[pycrypto] ElGamal - modulo group generator?

Bartosz Szatkowski bulislaw at linux.com
Mon May 31 01:57:34 CST 2010

Hi all,
i was implementing ElGamal signature on my own and every specification
that ive read (including elgamals one), says that when generating keys -
"g" should be the modulo "p" group generator. I was looking for some
efficient way to compute this and i notice that pycrypot dont really use
it - there is simple prime instead. Is it a bug(security risk)? Or maybe
its as good as generator?

pycrypto-2.1.0/lib/Crypto/PublicKey/ElGamal.py: lines 47 +

    # Generate random number g
    if progress_func:
    size=bits-1-(ord(randfunc(1)) & 63) # g will be from 1--64 bits
smaller than p
    if size<1:
    while (1):
        obj.g=bignum(getPrime(size, randfunc))
        if obj.g < obj.p:
        size=(size+1) % bits
        if size==0:

Bartosz Szatkowski
KeyFP: 1568 D5A7 B14C 0727 1C61 ACFB ABDE C08A DDB7 1F70

The freedom to run a program, for any purpose (freedom 0)

More information about the pycrypto mailing list