NEW v2.0 — three-layer system · RSA · FHE · zk-SNARKs · Gap prediction

Cryptographic primes,
faster. Proved.
RSA · FHE · zk-SNARKs.

Ethoryx uses formally proved mathematical structure to generate cryptographic primes with far fewer primality tests — for RSA, FHE, and zk-SNARK applications. Three independent layers. Verified. As key sizes grow, the savings compound.

Get started free → Read the paper GitHub ↗

install

pip install tesfagrid

17ms

Fewer primality tests

at 1024-bit · Ethoryx Sieve · C/GMP

19×

Fewer primality tests

at 2048-bit · Ethoryx Sieve · C/GMP

348K

verified gaps · 0 violations

75%

NTT candidate reduction · FHE

How it works

Smarter candidate selection.
Same security. Less work.

Standard prime generation searches blindly. Ethoryx uses a formally proved approach to generate only valid candidates — before any expensive test runs.

01 / 04

◈

Proprietary pre-filter

A formally proved mathematical constraint eliminates numbers that cannot be prime before any computation begins. No guessing. No wasted iterations. Derived from the Tesfa Grid geometric framework.

Formally proved · Tesfa Grid

02 / 04

⊛

Multi-layer elimination

Additional screening layers further reduce the candidate pool before any primality test is called. Each layer is mathematically justified — not heuristic. The result: 66-79% fewer primality tests.

66-79% test reduction · measured

03 / 04

⊕

Deterministic primality test

Only validated candidates reach the final primality test. We use the industry-standard witness set — deterministically correct for all practical RSA key sizes. Same certainty. Reached faster.

Deterministic · no false positives

04 / 04

🔐

Full unpredictability preserved

Every prime is selected from a cryptographically random start. The pre-filtering only removes impossible candidates — every valid prime remains reachable with equal probability. Security is unchanged.

CSPRNG random · uniform distribution

Side by side

Standard vs Ethoryx

The same prime. A fundamentally different path to find it.

STANDARD Blind random search

Pick a completely random number

No mathematical knowledge applied. Any integer in the bit range is a candidate, including the vast majority that cannot be prime.

Basic filtering — skip even numbers

The only mathematical knowledge applied: even numbers are not prime. Eliminates 50% of candidates. Still leaves most composites untouched.

Run expensive primality test

Miller-Rabin primality test runs on the candidate. At 2048-bit, this is called approximately 836 times before a prime is found. Most calls return composite.

~836 Miller-Rabin tests at 2048-bit
Most work is wasted on impossible candidates

TESHFAHSEC Proof-guided generation

Apply proprietary pre-filter

A formally proved constraint — derived from the Tesfa Grid — instantly eliminates numbers that cannot be prime. No computation required. No valid prime is missed.

Additional screening layers

Further mathematically justified filters reduce the candidate pool. Combined, the multi-layer approach eliminates up to 79% of integers before any primality test runs.

Run the same primality test

Identical Miller-Rabin test — but called only on candidates that have already passed all pre-filters. At 2048-bit, called approximately 282 times. Same prime found.

~282 Miller-Rabin tests at 2048-bit
−66% work. Same prime. Same security.

Benchmark

Sieve eliminates. C/GMP executes.

NTT candidate filtering is machine-independent — it measures pre-filtering work before any primality test. Verified independently on two machines with 150 total trials.

512-BIT · NTT CANDIDATES

512-bit

Standard184 candidates

Ethoryx Sieve41 candidates

−78%

1024-BIT · NTT CANDIDATES

1024-bit

Standard511 candidates

Ethoryx Sieve108 candidates

−79%

2048-BIT · NIST STANDARD

2048-bit

Standard836 candidates

Ethoryx Sieve282 candidates

−66%

NIST recommended

Method	Run 1	Run 2	Run 3 · independent	Avg	vs Standard
Standard baseline	213	194	194	200	—
Standard+ (basic opt.)	245	112	112	156	−22%
Ethoryxour method	84	61	61	69	−66%

512-bit primes · NTT candidates before primality test · 150 total trials · theorem compliance 100% on all generated primes

Bit size	Generation time	C/GMP Core	Notes
512-bit	~3ms	✓ active	RSA, ECC keypair component
1024-bit	~18ms	✓ active	RSA-1024, NTT field prime
2048-bit	~180ms	✓ active	NIST recommended RSA size
4096-bit	~650ms	✓ active	Enterprise · high-security RSA
60-bit NTT	~3ms	✓ active	FHE coefficient · SEAL-compatible

Measured on Hetzner VPS · Ethoryx C/GMP Core v1.0 · GMP 6.3.0 · GCC -O3 -march=native

↗

DigiCert and Microsoft are transitioning to 3072-bit and 4096-bit RSA. Our C/GMP Core generates 4096-bit primes in ~650ms. Miller-Rabin cost scales as O(bits³) — each test becomes exponentially more expensive at larger key sizes. Ethoryx savings compound as the industry moves to larger keys. At 4096-bit, each primality test is 512× more expensive than at 512-bit. Our 66%+ reduction is worth more with every bit added.

Who benefits

Built for production security

Any system generating RSA or ECC keys benefits. The larger the key, the greater the savings.

🏛

Certificate Authorities

Millions of TLS certificates issued, each requiring RSA prime generation. At 2048-bit: 554 fewer primality tests per certificate. At scale across millions of certificates, compute savings are measurable.

−66% compute per certificate at 2048-bit

⚙

HSM Manufacturers

Hardware security modules generate RSA keys continuously. Ethoryx C/GMP Core reduces computation per key by 66–79% and eliminates timing variability in candidate generation — a property valued in FIPS-compliant implementations.

Ethoryx HSM — firmware licensing from $50K · FIPS-relevant

🏦

Financial Technology

Every secure API call, digital signature, and encrypted transaction uses RSA or ECC. Companies upgrading to 3072-bit for NIST compliance need efficient, formally proved prime generation at scale.

REST API · drop-in · no code change

⌨

Developers and Researchers

Any application generating RSA keys benefits. Open-source Python library for integration. REST API with a free tier for testing and small projects. Academic paper for those who need the formal proof.

pip install ethoryx · 100 free calls/month

Products

One engine. Four products.

Every Ethoryx product runs on the same C/GMP Core — formally proved, measured, production-ready.

🔐

Ethoryx Prime · RSA

Standard RSA prime generation accelerated by the Tesfa Grid Sieve. 79% fewer Miller-Rabin tests at 1024-bit. Drop-in for OpenSSL, GnuTLS, and any RSA key generation pipeline.

17.8ms · 1024-bit · C/GMP Core

/v1/generate?bits=1024&method=wheel

⚡

Ethoryx NTT · Field Prime

NTT-compatible primes satisfying q ≡ 1 (mod 2n) for any polynomial degree n. Required for FHE schemes (SEAL, OpenFHE, HEAAN), zk-SNARKs (Groth16, PLONK), and post-quantum signature schemes (Dilithium, Falcon internals).

75% candidate reduction · SEAL-compatible · Starter+

/v1/generate/ntt?bits=1024&ntt_mod=4096

🔗

Ethoryx FHE · Chain

Generates full coefficient modulus chains for Fully Homomorphic Encryption — the set of NTT primes that define the RNS decomposition in SEAL and OpenFHE. Each prime in the chain satisfies both Theorem 7 and the NTT constraint simultaneously.

SEAL::CoeffModulus::Create() · OpenFHE · Zama compatible

/v1/generate/fhe?n=4096&count=5&bits_each=55

🛡

Ethoryx HSM · Firmware

The C/GMP Core as embedded firmware for Hardware Security Modules. One integration replaces the prime generation layer in Thales Luna, Utimaco, and nCipher products — enabling PQC-compliant key generation without hardware replacement. Licensing from $50,000.

Coming 2026 · Thales · Utimaco · nCipher

Request HSM evaluation →

↗

Post-Quantum context: NIST finalised Kyber (ML-KEM) and Dilithium (ML-DSA) in 2024. Both standards use fixed primes — Ethoryx does not accelerate those. What Ethoryx accelerates is the generation of fresh domain-specific primes: FHE coefficient moduli, zk-SNARK field primes, RSA migration keys, and NTT primes for custom PQC schemes. This is where prime generation performance matters most during the PQC migration.

API Reference

One header. One endpoint.
A prime in milliseconds.

REST API, zero dependencies, any language.

GET

/v1/generate

Generate a prime · 256 to 4096-bit

GET

/v1/generate/rsa-pair

Full RSA keypair (p, q, n) · Pro+

GET

/v1/verify

Verify primality · all tiers · free

GET

/v1/status

Health check · no auth required

Or use the library

from ethoryx import prime_generator
p, tests = prime_generator.generate(bits=2048)
# tests = 282 vs ~836 standard

GET /v1/generate

# Request
curl "https://api.ethoryx.io/v1/generate?bits=2048" \
  -H "X-API-Key: tg_pro_your_key"

# Response
{
  "prime": "9821374956...",
  "bits": 2048,
  "miller_rabin_tests": 282,
  "generation_ms": 17.8,
  "calls_remaining": 99718
}
      

Pricing

Start free. Scale as you grow.

Same quality at every tier. Cancel any time.

Free

100 calls / month

Up to 512-bit primes
5 calls / minute
/v1/verify included
Email support

Get free key →

Starter

$29_/mo

10,000 calls / month

Up to 1024-bit primes
FHE chains (7 primes)
NTT prime generation
30 calls / minute
Usage dashboard

Start →

Formally proved security

Security proof published on IACR ePrint and arXiv. Every generated prime is drawn from the full distribution with equal probability. No prime excluded.

⏱

No timing side-channel

Constant-time candidate generation — no variable rejection loop. Critical for hardware security modules and FIPS compliance environments.

↗

Open source foundation

Core algorithm MIT-licensed on GitHub. Full source available. The API adds infrastructure — not secrecy. Inspect everything.

Cryptographic primes, faster. Proved. RSA · FHE · zk-SNARKs.

Smarter candidate selection.Same security. Less work.