Photo by Michael Dziedzic on Unsplash

Blum-Goldwasser Probabilistic Encryption

Prof Bill Buchanan OBE
4 min readFeb 24, 2020

With public key encryption, Alice could have two possible messages (a ‘0’ or a ‘1’) that she sends to Bob. If Eve knows the possible messages (a ‘0’ or a ‘1’), she will then cipher each one with Bob’s public key and then matches the results against the cipher message that Alice sends. Eve can thus determine what Alice has sent to Bob. In order to overcome this the Blum-Goldwasser method is a public key algorithm that uses a probabilistic public-key encryption scheme [here]:

The encryption method uses the Blum-Blum-Shub (BBS) technique to generate the keystream [here]. Initially we create two prime numbers (p and q), and then calculate N:

N = pq

The public key is N, and the private key is p and q, and where p and q:

p (mod 4) = 3

q (mod 4) = 3

For example we can select p= 239, q= 179, as both will give us 3 when we do a (mod 4) operation:

>>> p=239
>>> q=179
>>> p%4
>>> q%4

The basic method, as defined by Wikipedia, is:

The code is as follows [here]:

import numpy as np
import binascii
import Crypto.Util.number
from Crypto import Random
import sys
import random
def xgcd(a, b):
"""return (g, x, y) such that a*x + b*y = g = gcd(a, b)"""
x0, x1, y0, y1 = 0, 1, 1, 0
while a != 0:
(q, a), b = divmod(b, a), a
y0, y1 = y1, y0 - q * y1
x0, x1 = x1, x0 - q * x1
return b, x0, y0
# Method from
def to_bits(text, encoding='utf-8', errors='surrogatepass'):
bits = bin(int(binascii.hexlify(text.encode(encoding, errors)), 16))[2:]
return bits.zfill(8 * ((len(bits) + 7) // 8))
def from_bits(bits, encoding='utf-8', errors='surrogatepass'):
n = int(bits, 2)
return int2bytes(n).decode(encoding, errors)

Prof Bill Buchanan OBE

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. Based in Edinburgh. Old World Breaker. New World Creator. Building trust.