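// Parameters concerning P511
//
// Field-level constants for the 511-bit prime p used by this library.  Every
// multi-word value below is little-endian by 64-bit word: word 0 holds the
// least-significant 64 bits.  Values described as "in the Montgomery domain"
// are stored as x·R mod p with R = 2^512 (see MONTGOMERY_CONSTANT_ONE and the
// R² comment); exponents are plain integers, not Montgomery encoded.
//
// NOTE(review): the exponent tables are public and fixed, but the *base* they
// are applied to is frequently secret (e.g. Fermat inversion of a secret
// coordinate).  The exponentiation routine that consumes them must therefore
// run in constant time with respect to the base; that property lives in the
// arithmetic code, not in this header, which only has to get the numbers
// right.  Invariants that can be checked by arithmetic alone (p - 2, (p±1)/2,
// (p±1)/4, R/2, 3·((2p-1)/3) + 1 == 2p, bit lengths) are spelled out in the
// comments so a reader can re-derive them.

#ifndef SSEC_PARAMETERS_P511_H
#define SSEC_PARAMETERS_P511_H

#include <stdint.h>  // uint64_t: the header must be usable on its own

#define FIELD_NAME "p511"
#define FIELD_BITS 511
#define FIELD_BYTES 64
#define FIELD_64BITS_WORDS 8
// Size in bytes of an element of GF(p²) (two FIELD_BYTES-sized halves).
#define QFIELD_BYTES 128
// Mask for the most-significant word: 511 = 7·64 + 63 bits, so bit 63 of word 7
// is never set in a canonical (fully reduced) field element.
#define MASK_FIELD_ELEMENT 0x7fffffffffffffff
#define SECURITY_BITS 256

// Path lengths in bits and in trits (base-3 digits).  Presumably the length of
// a walk on the 3-isogeny graph; confirm against the code that consumes them.
#define BIT_LENGTH_PATH 512
#define TRITLENGTH_PATH 324

// Field characteristic p.  Bit 510 of the top word is set and bit 511 is clear,
// so p is a 511-bit prime; the low byte 0x7B gives p ≡ 3 (mod 8), hence
// p ≡ 3 (mod 4) (square roots in GF(p) via (p+1)/4, and -1 is a non-residue,
// so GF(p²) can be built as GF(p)[i]/(i²+1)).
static const uint64_t FIELD_CHARACTERISTIC[FIELD_64BITS_WORDS] = {
    0x1B81B90533C6C87B, 0xC2721BF457ACA835, 0x516730CC1F0B4F25, 0xA7AAC6C567F35507,
    0x5AFBFCC69322C9CD, 0xB42D083AEDC88C42, 0xFC8AB0D15E3E4C4A, 0x65B48E8F740F89BF
};

// Neutral multiplicative in Montgomery domain: R = 2ᵉ mod p with e = 512.
static const uint64_t MONTGOMERY_CONSTANT_ONE[FIELD_64BITS_WORDS] = {
    0xC8FC8DF598726F0A, 0x7B1BC81750A6AF95, 0x5D319E67C1E961B4, 0xB0AA7275301955F1,
    0x4A080672D9BA6C64, 0x97A5EF8A246EE77B, 0x06EA9E5D4383676A, 0x3496E2E117E0EC80
};

// Montgomery constant R² = (2ᵉ)² mod p where e ≡ 0 (mod 64) s.t. 2ᵉ⁻⁶⁴ < p < 2ᵉ,
// i.e. e = 512 for a 511-bit p.  Used to convert into the Montgomery domain.
static const uint64_t MONTGOMERY_CONSTANT_R_SQUARED[FIELD_64BITS_WORDS] = {
    0x36905B572FFC1724, 0x67086F4525F1F27D, 0x4FAF3FBFD22370CA, 0x192EA214BCC584B1,
    0x5DAE03EE2F5DE3D0, 0x1E9248731776B371, 0xAD5F166E20E4F52D, 0x4ED759AEA6F3917E
};

// Exponent constant required for field inversion (Fermat): p - 2.
// Only the low word differs from FIELD_CHARACTERISTIC (0x...7B -> 0x...79).
static const uint64_t FIELD_INVERSION_EXPONENT[FIELD_64BITS_WORDS] = {
    0x1B81B90533C6C879, 0xC2721BF457ACA835, 0x516730CC1F0B4F25, 0xA7AAC6C567F35507,
    0x5AFBFCC69322C9CD, 0xB42D083AEDC88C42, 0xFC8AB0D15E3E4C4A, 0x65B48E8F740F89BF
};

// Exponent constant required for computing square-roots in GF(p): (p - 1) / 2
// (Euler's criterion: x^((p-1)/2) is ±1 and tells whether x is a square).
static const uint64_t SQUARE_ROOT_EXPONENT_12[FIELD_64BITS_WORDS] = {
    0x8DC0DC8299E3643D, 0xE1390DFA2BD6541A, 0xA8B398660F85A792, 0xD3D56362B3F9AA83,
    0x2D7DFE63499164E6, 0x5A16841D76E44621, 0xFE455868AF1F2625, 0x32DA4747BA07C4DF
};

// Exponent constant used by the GF(p²) square-root routine: (p - 3) / 4.
// This is a GF(p)-sized exponent (valid because p ≡ 3 mod 4); exactly how the
// GF(p²) routine combines it is not visible from this header.
static const uint64_t SQUARE_ROOT_EXPONENT_34[FIELD_64BITS_WORDS] = {
    0x46E06E414CF1B21E, 0x709C86FD15EB2A0D, 0xD459CC3307C2D3C9, 0x69EAB1B159FCD541,
    0x96BEFF31A4C8B273, 0xAD0B420EBB722310, 0xFF22AC34578F9312, 0x196D23A3DD03E26F
};

// Exponent constant used by the GF(p²) square-root routine: (p + 1) / 4.
// For p ≡ 3 mod 4, x^((p+1)/4) is a square root of x in GF(p) when one exists;
// differs from SQUARE_ROOT_EXPONENT_34 only in the low word (0x...1E -> 0x...1F).
static const uint64_t SQUARE_ROOT_EXPONENT_14[FIELD_64BITS_WORDS] = {
    0x46E06E414CF1B21F, 0x709C86FD15EB2A0D, 0xD459CC3307C2D3C9, 0x69EAB1B159FCD541,
    0x96BEFF31A4C8B273, 0xAD0B420EBB722310, 0xFF22AC34578F9312, 0x196D23A3DD03E26F
};

#define SSEC_CUBE_ROOT_OVER_FP
// Exponent constant required for computing cube-roots in GF(p): (2p - 1) / 3.
// Sanity check: 3 · ((2p - 1) / 3) + 1 == 2p (the low word 0x...85A7 gives
// 3·0x...85A7 + 1 = 0x...90F6 = 2 · 0x...C87B mod 2^64).
static const uint64_t CUBE_ROOT_EXPONENT_213[FIELD_64BITS_WORDS] = {
    0x67ABD0AE228485A7, 0xD6F6BD4D8FC87023, 0x8B9A208814B234C3, 0xC51C84839AA238AF,
    0xE752A88462173133, 0x781E057C9E85B2D6, 0xFDB1CB363ED432DC, 0x43CDB45FA2B5067F
};

#define SSEC_KONG_ET_AL_S_ALGORITHM
// Constant required in Kong et al.'s algorithm, d: quadratic non-residue in
// GF(p²), stored in the Montgomery domain as (real half, imaginary half).
// Both halves equal MONTGOMERY_CONSTANT_ONE, i.e. d = 1 + i.  Assuming
// GF(p²) = GF(p)[i]/(i²+1), its norm is 1² + 1² = 2, and 2 is a non-residue
// mod p because p ≡ 3 (mod 8), so d is indeed a non-square.  The algorithm
// applies since p ≡ 3 (mod 8) implies p² ≡ 9 (mod 16).
static const uint64_t SQUARE_ROOT_CONSTANT_D[2 * FIELD_64BITS_WORDS] = {
    0xC8FC8DF598726F0A, 0x7B1BC81750A6AF95, 0x5D319E67C1E961B4, 0xB0AA7275301955F1,
    0x4A080672D9BA6C64, 0x97A5EF8A246EE77B, 0x06EA9E5D4383676A, 0x3496E2E117E0EC80,
    0xC8FC8DF598726F0A, 0x7B1BC81750A6AF95, 0x5D319E67C1E961B4, 0xB0AA7275301955F1,
    0x4A080672D9BA6C64, 0x97A5EF8A246EE77B, 0x06EA9E5D4383676A, 0x3496E2E117E0EC80
};

// Constant required in Kong et al.'s algorithm, t: d raised at the power
// (p² - 9) / 8, in the Montgomery domain.  The real half is zero, so t is purely
// imaginary.
static const uint64_t SQUARE_ROOT_CONSTANT_T[2 * FIELD_64BITS_WORDS] = {
    0x0, 0x0, 0x0, 0x0,
    0x0, 0x0, 0x0, 0x0,
    0xDF7EA3207D79F4BF, 0x640A34CD373DF869, 0x521ADC0C033666A7, 0xC34A717C7E25767D,
    0x4639C38404635863, 0x7498ADD8F5C11866, 0x6EE18BDCBD066AA1, 0x266575E165EDFAB2
};

// Exponent constant required for computing square-roots in GF(p²): (p² - 9) / 16.
// SQUARE_ROOT_EXPONENT_BITS is its bit length (960 + 58 bits in the top word),
// presumably the fixed iteration count of the exponentiation loop.
#define SQUARE_ROOT_EXPONENT_BITS 1018
static const uint64_t SQUARE_ROOT_EXPONENT_916[2 * FIELD_64BITS_WORDS] = {
    0xE5BF46909BD446B1, 0xA6C74DAB86C9B147, 0x75D44B0E5B1C3EE7, 0x23B783EA5891753F,
    0x40EFF81E77784E2D, 0xA1F2895FFC0251BB, 0x1E5E26A97E90B76C, 0x758F433FE4FA6D67,
    0xD47210444F46511A, 0x1323956F7B10A2C7, 0x75F7EB51CAFB2CF0, 0x49B4AA32D5B32C33,
    0xD27BC0F964AA4D46, 0x858BBCA2291FBB98, 0xF4E0B88FB455FD30, 0x02867F7D5FAB2EDA
};

// Exponent constant required for computing cube-roots in GF(p²).  The exact
// formula is not stated here (TODO: document it, as done for the other
// exponents); CUBE_ROOT_EXPONENT_BITS is its bit length (960 + 60 bits in the
// top word).
#define CUBE_ROOT_EXPONENT_BITS 1020
static const uint64_t CUBE_ROOT_EXPONENT[2 * FIELD_64BITS_WORDS] = {
    0x146F33C94680FB5B, 0xC2C4A261DF3EE81C, 0xF848274F7CD634FE, 0x29A8F17A1E76F636,
    0xADFFE3FA8C566B4B, 0x3FD021554724B0D2, 0xDDC089771757E182, 0x13C47D54F54184FC,
    0x6523C80F52C1205E, 0x7CF04C370AE5D0FF, 0x4E1C283F437D118E, 0xB0BB40B4BEEED60C,
    0xEC62AE2165EBBD6B, 0xF7462CEB3CE29B02, 0x1157E58D2BDC67C8, 0x08FAA8DA37B5FBEE
};

// Cube root of unity in GF(p²), Montgomery domain, as (real half, imaginary half).
// The real half equals 2p - 2^511, i.e. -R/2 mod p: the Montgomery encoding of
// -1/2 (it sums with ONE_HALF to exactly p).  For a primitive cube root of unity
// ω = (-1 ± √-3)/2 the imaginary half is then ±√(-3)/2 — not re-derived here.
static const uint64_t CUBE_ROOT_OF_UNITY[2 * FIELD_64BITS_WORDS] = {
    0x3703720A678D90F6, 0x84E437E8AF59506A, 0xA2CE61983E169E4B, 0x4F558D8ACFE6AA0E,
    0xB5F7F98D2645939B, 0x685A1075DB911884, 0xF91561A2BC7C9895, 0x4B691D1EE81F137F,
    0x1BF7FEDAD8F84A0D, 0x49095BEA4E481231, 0xDDCE5C113E6C8563, 0x1076F3C57293FD73,
    0xAAA0E50C99C73815, 0xE006F6FF44ED6CE9, 0x890B57B3ED038182, 0x54663F1040867A88
};

// Small inverses in the Montgomery domain.  ONE_HALF is exactly
// MONTGOMERY_CONSTANT_ONE >> 1 (R mod p is even, so R/2 mod p needs no reduction).
static const uint64_t ONE_HALF[FIELD_64BITS_WORDS] = {
    0xE47E46FACC393785, 0x3D8DE40BA85357CA, 0xAE98CF33E0F4B0DA, 0x5855393A980CAAF8,
    0xA50403396CDD3632, 0x4BD2F7C5123773BD, 0x03754F2EA1C1B3B5, 0x1A4B71708BF07640
};

// Presumably 3⁻¹ · R mod p; not re-derived here.
static const uint64_t ONE_THIRD[FIELD_64BITS_WORDS] = {
    0xEDA984A732D0CFAE, 0x7E5E9807C58CE531, 0xC9BB34CD40A32091, 0x9038D0D1BAB31CA5,
    0x6E02ACD0F33E2421, 0xDD374FD8B6CFA27E, 0x57A38A1F16812278, 0x1187A0F5B2A04ED5
};

// Presumably 9⁻¹ · R mod p; not re-derived here.
static const uint64_t ONE_NINTH[FIELD_64BITS_WORDS] = {
    0x4F38818D10F0453A, 0xD4CA32AD41D9A1BB, 0x433E66EF158BB585, 0x8568459B3E3BB437,
    0xCF56399AFBBF6160, 0xF467C5483CEFE0D4, 0x728BD8B5078060D2, 0x05D7E051E6356F9C
};

// Presumably 27⁻¹ · R mod p; not re-derived here.
static const uint64_t ONE_BY_27[FIELD_64BITS_WORDS] = {
    0x6FBD80845AFAC1BE, 0x46EE10E46B488B3E, 0x6BBF77A5072E91D7, 0x2C781733BF693C12,
    0x9A721333A93FCB20, 0x5177EC6D69A54AF1, 0x7B83F2E702802046, 0x01F2A01B4CBC7A89
};

#endif // SSEC_PARAMETERS_P511_H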