# P434 e2 = 0xD8 e3 = 0x89 # P503 # e2=0xFA # e3=0x9F #e2=0x174 #e3=0xEF Nsk2_max_val = (2^e2) - 1 Nsk2_bytes = floor(e2/8) Nsk3_S = ceil(RDF(log(3^e3,2))) Nsk3_bytes = floor(Nsk3_S/8) Nsk3_max_val = (2^Nsk3_S) - 1 p = 2^e2 * 3^e3 - 1 Fp = GF(p) R. = Fp[] Fp2 = Fp.extension(x^2 + 1, 'i') i = Fp2.gen() E0Fp = EllipticCurve(Fp, [0,6,0,1,0]) E0Fp2 = EllipticCurve(Fp2, [0,6,0,1,0]) # Montgomery R # 448 = 7*(8*8) R = 2^448 # P503 # R = 2^512 def calc_Y_in_Fp2(x, xi): fp2X= Fp2(x+xi*i) fp2Y2 = Fp2(fp2X^3 + fp2X) ret = fp2Y2.sqrt() return ret def calc_proj_point_A(fp2X, fp2Y): return (3^e3 * E0Fp2((fp2X, fp2Y))) def calc_proj_point_B(fp2X, fp2Y): return (2^e2 * E0Fp2(fp2X, fp2Y)) def tau(P): return E0Fp2(-P.xy()[0], i*P.xy()[1]) def hd(val): return ", 0x".join([x.hex().upper() for x in Integer(val).digits(base=2^64)]) def hcp(point): print("X: "); hd(point[0]) print("Y: "); hd(point[1]) print("Z: "); hd(point[2]) def print_fp2_hex(Fp2_el): fp2_pol = Fp2_el.polynomial() print("A: FpElement{0x" + hd(fp2_pol[1]) + "},") print("B: FpElement{0x" + hd(fp2_pol[0]) + "}}") def print_fp2_in_mont_hex(Fp2_el, text): print(text) mul = Integer(R)*Fp2_el fp2_pol = mul.polynomial() print("A: FpElement{0x" + hd(fp2_pol[0]) + "},") print("B: FpElement{0x" + hd(fp2_pol[1]) + "}}") Integer(2^4 - 1).digits(2) print("\n P =\n"+hd(p)) print("\n pX2 =\n"+hd(2*p)) print("\n p+1 =\n"+hd(p+1)) print("\n R^2 mod p =\n"+hd((R^2) % p)) print("\n1/2 * R mod p =\n"+hd(((1/2)*R) % p)) print("\n R mod p =\n"+hd(R % p)) print("\n 6 * R mod p =\n"+hd(((6*R) % p)))