p255.h

Go to the documentation of this file.

// Parameters concerning P255
 
#ifndef SSEC_PARAMETERS_P255_H
#define SSEC_PARAMETERS_P255_H
 
#define FIELD_NAME          "p255"
#define FIELD_BITS          255
#define FIELD_BYTES         32
#define FIELD_64BITS_WORDS  4
#define QFIELD_BYTES        64
#define MASK_FIELD_ELEMENT  0x7fffffffffffffff
#define SECURITY_BITS       128
 
#define BIT_LENGTH_PATH     256
#define TRITLENGTH_PATH     162
 
// Field characteristic p
static const uint64_t FIELD_CHARACTERISTIC[FIELD_64BITS_WORDS] = {
    0x20B4AEC293559AA3, 0xAAD721AF56EB4080, 0x4386948F022DC5C2, 0x611A70FEDF33E566
};
 
// Neutral multiplicative in Montgomery domain: R = 2ᵉ mod p
static const uint64_t MONTGOMERY_CONSTANT_ONE[FIELD_64BITS_WORDS] = {
    0xBE96A27AD954CABA, 0xAA51BCA152297EFF, 0x78F2D6E1FBA4747A, 0x3DCB1E0241983533
};
 
// Montgomery constant R² = (2ᵉ)² mod p where e = 0 mod 64 s.t. 2ᵉ⁻⁶⁴ < p < 2ᵉ
static const uint64_t MONTGOMERY_CONSTANT_R_SQUARED[FIELD_64BITS_WORDS] = {
    0x4821B6B6A77F7F35, 0xBAE385492E85C34F, 0xCA290FE7F40E3AB6, 0x1B5DC1B09AC24C06
};
 
// Exponent constant required for field inversion: p - 2
static const uint64_t FIELD_INVERSION_EXPONENT[FIELD_64BITS_WORDS] = {
    0x20B4AEC293559AA1, 0xAAD721AF56EB4080, 0x4386948F022DC5C2, 0x611A70FEDF33E566
};
 
// Exponent constant required for computing square-roots in GF(p): (p - 1) / 2
static const uint64_t SQUARE_ROOT_EXPONENT_12[FIELD_64BITS_WORDS] = {
    0x105A576149AACD51, 0x556B90D7AB75A040, 0x21C34A478116E2E1, 0x308D387F6F99F2B3
};
 
// Exponent constant required for computing square-roots in GF(p²): (p - 3) / 4
static const uint64_t SQUARE_ROOT_EXPONENT_34[FIELD_64BITS_WORDS] = {
    0x82D2BB0A4D566A8, 0xAAB5C86BD5BAD020, 0x90E1A523C08B7170, 0x18469C3FB7CCF959
};
 
// Exponent constant required for computing square-roots in GF(p²): (p + 1) / 4
static const uint64_t SQUARE_ROOT_EXPONENT_14[FIELD_64BITS_WORDS] = {
    0x82D2BB0A4D566A9, 0xAAB5C86BD5BAD020, 0x90E1A523C08B7170, 0x18469C3FB7CCF959
};
 
#define SSEC_CUBE_ROOT_OVER_FP
// Exponent constant required for computing square-roots in GF(p): (2p - 1) / 3
static const uint64_t CUBE_ROOT_EXPONENT_213[FIELD_64BITS_WORDS] = {
    0xC0787481B78E6717, 0xC73A1674E49CD5AA, 0x8259B85F56C92E81, 0x40BC4B5494CD4399
};
 
#define SSEC_KONG_ET_AL_S_ALGORITHM
// Constant required in Kong et al.'s algorithm, d: quadratic non-residue
static const uint64_t SQUARE_ROOT_CONSTANT_D[2 * FIELD_64BITS_WORDS] = {
    0xBE96A27AD954CABA, 0xAA51BCA152297EFF, 0x78F2D6E1FBA4747A, 0x3DCB1E0241983533,
    0xBE96A27AD954CABA, 0xAA51BCA152297EFF, 0x78F2D6E1FBA4747A, 0x3DCB1E0241983533
};
 
// Constant required in Kong et al.'s algorithm, t: d raised at the power (p² - 9) / 8
static const uint64_t SQUARE_ROOT_CONSTANT_T[2 * FIELD_64BITS_WORDS] = {
    0xE375FB814DCCAEDC, 0xA1E52CA1F2C9C564, 0x828A5B3683FE50D5, 0x313AB93E29DBBF30,
    0x0, 0x0, 0x0, 0x0
};
 
// Exponent constant required for computing square-roots in GF(p²): (p² - 9) / 16
#define SQUARE_ROOT_EXPONENT_BITS           506
static const uint64_t SQUARE_ROOT_EXPONENT_916[2 * FIELD_64BITS_WORDS] = {
    0x635F75F433FA683C, 0x65F272B5E6BEFCE3, 0x80705B8FECB1741D, 0x8E6B349F55A52804,
    0xBBA18EA79D3BF643, 0x30E7D10254066D5A, 0xF2E41DA1BABB28AF, 0x24D50C5C4ACAAB6
};
 
// Exponent constant required for computing cube-roots
#define CUBE_ROOT_EXPONENT_BITS         508
static const uint64_t CUBE_ROOT_EXPONENT[2 * FIELD_64BITS_WORDS] = {
    0xEF8C4E0EF1B339BB, 0xBFCFD0BFA6354A44, 0x73569AE3499363F6, 0x6C27D78BDB2EC72C,
    0xD405897067F1A47E, 0xCA54AE412AC184D0, 0x26B94CE9B46090A7, 0x82F58148265ED35
};
 
// Cube root of unity in Montgomery domain
static const uint64_t CUBE_ROOT_OF_UNITY[2 * FIELD_64BITS_WORDS] = {
    0x41695D8526AB3546, 0x55AE435EADD68100, 0x870D291E045B8B85, 0x4234E1FDBE67CACC,
    0x51F7A51182EFE488, 0x62B9FADE4B5DCC83, 0x70B2B9260CA7B1DE, 0x373C5B7CD991C3BB
};
 
static const uint64_t ONE_HALF[FIELD_64BITS_WORDS] = {
        0xDF4B513D6CAA655D, 0x5528DE50A914BF7F, 0xBC796B70FDD23A3D, 0x1EE58F0120CC1A99
};
 
static const uint64_t ONE_THIRD[FIELD_64BITS_WORDS] = {
    0x94DCE0D39DC6EE3E, 0x8E1B3EE070B87FAA, 0xD2FB9CF5FE8C26D3, 0x14990A00C08811BB
};
 
static const uint64_t ONE_NINTH[FIELD_64BITS_WORDS] = {
    0xE7308532105ED84B, 0x12FB7585428BEAB8, 0x5CD61081AAE8A432, 0x273BD3AA8A93FD0B
};
 
static const uint64_t ONE_BY_27[FIELD_64BITS_WORDS] = {
    0xD88A0E7BD0359DB, 0x22E33DA15020CE93, 0x4BF6688A8FC1653D, 0x4DD03C8D6DA9429D
};
 
#endif // SSEC_PARAMETERS_P255_H