Some crypto stuff in lisp

I promised I would put this up for someone. I'll pretty it up if and when I get the inclination. It's basically everything required to perform Diffie-Hellman in Common Lisp, including an implementation of Rabin-Miller. It makes some unsafe assumptions and could be faster.
;; Table of small primes used by PROBABLY-PRIME-P for trial division before
;; the Rabin-Miller test is run.
;; NOTE(review): the table ends at 1997; 1999 is also prime and below 2000
;; but is not listed, so the original "< 2000" wording was slightly off.
(defvar *small-primes*
  #(2 3 5 7 11 13 17 19 23 29 31 37 41 43 47 53 59 61 67 71 73 79 83 89 97 101 103
      107 109 113 127 131 137 139 149 151 157 163 167 173 179 181 191 193 197 199
      211 223 227 229 233 239 241 251 257 263 269 271 277 281 283 293 307 311 313
      317 331 337 347 349 353 359 367 373 379 383 389 397 401 409 419 421 431 433
      439 443 449 457 461 463 467 479 487 491 499 503 509 521 523 541 547 557 563
      569 571 577 587 593 599 601 607 613 617 619 631 641 643 647 653 659 661 673
      677 683 691 701 709 719 727 733 739 743 751 757 761 769 773 787 797 809 811
      821 823 827 829 839 853 857 859 863 877 881 883 887 907 911 919 929 937 941
      947 953 967 971 977 983 991 997 1009 1013 1019 1021 1031 1033 1039 1049 1051
      1061 1063 1069 1087 1091 1093 1097 1103 1109 1117 1123 1129 1151 1153 1163
      1171 1181 1187 1193 1201 1213 1217 1223 1229 1231 1237 1249 1259 1277 1279
      1283 1289 1291 1297 1301 1303 1307 1319 1321 1327 1361 1367 1373 1381 1399
      1409 1423 1427 1429 1433 1439 1447 1451 1453 1459 1471 1481 1483 1487 1489
      1493 1499 1511 1523 1531 1543 1549 1553 1559 1567 1571 1579 1583 1597 1601
      1607 1609 1613 1619 1621 1627 1637 1657 1663 1667 1669 1693 1697 1699 1709
      1721 1723 1733 1741 1747 1753 1759 1777 1783 1787 1789 1801 1811 1823 1831
      1847 1861 1867 1871 1873 1877 1879 1889 1901 1907 1913 1931 1933 1949 1951
      1973 1979 1987 1993 1997)
  "Small primes from 2 through 1997, used for trial division.")

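(defun randBytes (n)
  "Read N bytes from /dev/urandom and return them as one non-negative integer.

The first byte read becomes the most significant octet, so the result is
always below 2^(8*N).  N = 0 returns 0 without reading any bytes.  A negative
or non-integer N signals a TYPE-ERROR instead of reading forever."
  (check-type n (integer 0))
  ;; Ask for 8-bit elements explicitly: the accumulation below shifts by 8
  ;; bits per element, and a bare UNSIGNED-BYTE leaves the element width up
  ;; to the implementation.
  (with-open-file (urandom "/dev/urandom" :element-type '(unsigned-byte 8))
    (let ((r 0))
      (dotimes (i n r)
        (declare (ignorable i))
        ;; READ-BYTE signals END-OF-FILE on a short read, so a truncated
        ;; read cannot silently produce fewer random bits than requested.
        (setf r (logior (ash r 8) (read-byte urandom)))))))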

(defun modexp (a x n)
  "Return A raised to the power X, reduced modulo N (binary square-and-multiply).

X is consumed from its least significant bit upward; a non-positive X
yields 1.
NOTE(review): a multiplication is performed only for the set bits of X, so
the running time depends on the exponent.  This is not a constant-time
routine, which matters whenever X is a secret value."
  (let ((result 1)
        (base a)
        (remaining x))
    (loop
      (when (<= remaining 0)
        (return result))
      ;; Fold the current power of A into the result when the low bit is set.
      (when (= (mod remaining 2) 1)
        (setf result (mod (* result base) n)))
      ;; Move on to the next bit: halve the exponent, square the base.
      (setf remaining (floor (/ remaining 2))
            base (mod (* base base) n)))))

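(defun random-number-less-than (n)
  "Return a uniformly distributed random integer R with 0 <= R < N.

N must be a positive integer.  Random bytes come from RANDBYTES."
  (check-type n (integer 1))
  ;; Size the draw with exact integer arithmetic; a floating-point logarithm
  ;; loses precision (or overflows) on the large integers this file works
  ;; with.
  (let* ((bits (integer-length (- n 1)))
         (bytes (max 1 (ceiling bits 8)))
         (excess (- (* 8 bytes) bits)))
    ;; Rejection sampling: trim the draw to exactly BITS bits and retry when
    ;; it lands at or above N.  Reducing a wider value with MOD instead would
    ;; make the low residues more likely than the high ones, which is a
    ;; measurable bias when the result is used as a secret exponent.
    ;; Fewer than two draws are needed on average.
    (loop for candidate = (ash (randBytes bytes) (- excess))
          when (< candidate n)
            return candidate)))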


;; Each Rabin-Miller round with an independently chosen base lets a composite
;; pass with probability at most 1/4, so K rounds bound the worst-case error
;; by 4^-K (1/1024 for the value 5 below).
;; NOTE(review): 5 rounds is a small count if the number being tested could
;; ever be chosen by another party rather than generated locally; confirm
;; against how RABIN-MILLER is used.
(defvar *rabin-miller-cycles* 5
  "The number of Rabin-Miller rounds applied to each prime number candidate.")

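(defun decompose (x)
  "Split the positive integer X into a power of two and an odd cofactor.

Returns two values Q and M such that X = 2^Q * M with M odd.  An odd X
yields Q = 0 and M = X.  X must be a positive integer; zero has no such
decomposition and is rejected with a TYPE-ERROR rather than looping forever."
  (check-type x (integer 1))
  ;; Shift out trailing zero bits one at a time, counting them in Q.  This
  ;; stays in integer arithmetic instead of building rationals with / and
  ;; EXPT on every step.
  (do ((q 0 (+ q 1))
       (m x (ash m -1)))
      ((oddp m) (values q m))))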

(defun rabin-miller-round (n a b m)
  "Run one Rabin-Miller round on N with base A, where N - 1 = 2^B * M.

Returns true when this base does not expose N as composite: either
A^M mod N is 1 or N-1, or repeated squaring reaches N-1.  Returns NIL
otherwise."
  (let ((minus-one (- n 1))
        (start (modexp a m n)))
    (cond ((= start 1) t)
          ((= start minus-one) t)
          (t
           ;; Square repeatedly; stop after B squarings or as soon as the
           ;; value hits N-1, and report whether N-1 was reached.
           (loop for j from 0
                 for z = start then (modexp z 2 n)
                 when (or (= j b) (= z minus-one))
                   return (= z minus-one))))))

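(defun rabin-miller (n)
  "Apply *RABIN-MILLER-CYCLES* rounds of the Rabin-Miller test to N.

Returns T when N passes every round (N is probably prime) and NIL as soon
as one round shows N to be composite.  Integers below 2 and even integers
above 2 are reported as not prime; 2 and 3 are reported as prime directly."
  (cond ((< n 2) nil)
        ((< n 4) t)
        ((evenp n) nil)
        (t
         (multiple-value-bind (b m) (decompose (- n 1))
           (dotimes (round *rabin-miller-cycles* t)
             (declare (ignorable round))
             ;; Draw the base from 2 .. N-2.  A base of 0 fails the round for
             ;; every N, so a genuine prime would be rejected, while 1 and
             ;; N-1 pass for every odd N and would waste the round.
             (let ((a (+ 2 (random-number-less-than (- n 3)))))
               (unless (rabin-miller-round n a b m)
                 (return nil))))))))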

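(defun probably-prime-p (n)
  "Determine if N is likely to be prime.

Integers below 2 are never prime.  Otherwise N is first compared against and
trial-divided by every entry of *SMALL-PRIMES*, which settles most composite
numbers cheaply; anything left is handed to the probabilistic RABIN-MILLER
test."
  (if (< n 2)
      ;; Without this guard N = 1 survives trial division and reaches the
      ;; Rabin-Miller code, which cannot decompose N - 1 = 0.
      nil
      (loop for p across *small-primes*
            do (cond ((= n p) (return t))
                     ((zerop (mod n p)) (return nil)))
            finally (return (rabin-miller n)))))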

(defun generate-prime (bytes)
  "Probabilistically generate a prime number BYTES bytes in size.

The starting candidate is random, forced odd and forced to have its top bit
set; it is then advanced in steps of 2 until PROBABLY-PRIME-P accepts it.
NOTE(review): the search has no upper bound check, so the result is not
strictly guaranteed to stay within BYTES bytes."
  (let* ((seed (randbytes bytes))
         (top-bit (ash 1 (- (* 8 bytes) 1)))
         (candidate (logior seed 1 top-bit)))
    (loop until (probably-prime-p candidate)
          do (incf candidate 2))
    candidate))

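;; An example of executing the Diffie-Hellman key exchange with a 512-bit
;; prime.
;;
;; NOTE: the functions defined below are named diffie-hellman-1 and
;; diffie-hellman-2 (not diffie-hellman-round-1/-2 as written in this
;; example), and diffie-hellman-parameters takes its size in bytes, so a
;; 512-bit prime corresponds to an argument of 64.  A modulus of that size
;; is for illustration only; it is far below what is considered safe today.
;;
;; 1) Alice generates the initial DH parameters and sends a copy to
;;    Bob.
;;
;;       (setf params (diffie-hellman-parameters 512))
;;
;; 2) Both Alice and Bob use the parameters for Diffie-Hellman round 1
;;
;;       (setf dh (apply 'diffie-hellman-round-1 params))
;;
;; 3) Both Alice and Bob send their y values to the other and use the
;;    other person's y to perform round 2
;;
;;       (diffie-hellman-round-2 dh other-y)
;;
;; 4) The z value that each has will now match and may be used as a
;;    symmetric key
;;
;;       (diffie-hellman-z dh)
;;
;; NOTE: the exchange as shown is unauthenticated, and z is the raw shared
;; value; the usual practice is to pass it through a key-derivation function
;; before using it as a key.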

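(defstruct diffie-hellman
  "State held by one party during a Diffie-Hellman exchange."
  ;; Every slot defaults to NIL until it is filled in, so the declared type
  ;; has to admit NIL.  With a plain INTEGER type the NIL default violates
  ;; the declaration, and an implementation that checks slot types can
  ;; refuse to build a structure whose Y2 and Z are not supplied yet.
  (prime nil :type (or null integer))   ; shared prime modulus
  (g nil :type (or null integer))       ; shared base
  (x nil :type (or null integer))       ; this party's secret exponent
  (y nil :type (or null integer))       ; this party's public value, g^x mod prime
  (y2 nil :type (or null integer))      ; public value received from the peer
  (z nil :type (or null integer)))      ; shared result, y2^x mod prime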

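(defun diffie-hellman-parameters (bytes)
  "Generate fresh Diffie-Hellman parameters and return them as the list (P G).

P is a probable prime BYTES bytes long from GENERATE-PRIME and G is a random
base in the range 2 .. P-2."
  (let* ((p (generate-prime bytes))
         ;; Keep G away from 0, 1 and P-1: with those bases every public
         ;; value, and therefore the shared result, is one of 0, 1 or P-1.
         (g (+ 2 (random-number-less-than (- p 3)))))
    ;; NOTE(review): P is an arbitrary prime rather than a safe prime and
    ;; the order of G is never checked, so G may generate only a small
    ;; subgroup.  Fixed, published groups (RFC 3526, RFC 7919) avoid both
    ;; problems; confirm whether ad-hoc parameters are really needed.
    (list p g)))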

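(defun diffie-hellman-1 (prime g)
  "First round: pick a secret exponent and compute this party's public value.

Returns a DIFFIE-HELLMAN structure holding PRIME, G, the secret exponent X
and the public value Y = G^X mod PRIME.  Y is what gets sent to the peer;
X must stay private."
  ;; Draw X from 1 .. PRIME-2.  An exponent of 0 would make Y = 1 and the
  ;; shared result 1 regardless of what the peer sends.
  (let* ((x (+ 1 (random-number-less-than (- prime 2))))
         (y (modexp g x prime)))
    (make-diffie-hellman :prime prime :g g :x x :y y)))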

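(defun diffie-hellman-2 (dhstruct y2)
  "Second round: combine the peer's public value Y2 with our secret exponent.

Stores Y2 and the shared result Z = Y2^X mod PRIME in DHSTRUCT and returns Z.
Signals an error when Y2 is not an integer in the range 2 .. PRIME-2."
  (let ((prime (diffie-hellman-prime dhstruct)))
    ;; Y2 arrives from the other party and is untrusted.  The values 0, 1
    ;; and PRIME-1 would force Z to 0, 1 or one of {1, PRIME-1} whatever our
    ;; secret is, so they are rejected before any state is updated.
    ;; NOTE(review): this range check does not exclude other small-order
    ;; elements when PRIME is not a safe prime.
    (unless (and (integerp y2) (< 1 y2 (- prime 1)))
      (error "Peer public value is outside the range 2 .. p-2"))
    (setf (diffie-hellman-y2 dhstruct) y2
          (diffie-hellman-z dhstruct) (modexp y2
                                              (diffie-hellman-x dhstruct)
                                              prime))
    (diffie-hellman-z dhstruct)))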


Lee Ayres
Last modified: Sat Jun 28 23:48:00 CDT 2003