p254.h

Go to the documentation of this file.

// Parameters concerning P254
 
#ifndef SSEC_PARAMETERS_P254_H
#define SSEC_PARAMETERS_P254_H
 
#define FIELD_NAME          "p254"
#define FIELD_BITS          254
#define FIELD_BYTES         32
#define FIELD_64BITS_WORDS  4
#define QFIELD_BYTES        64
#define MASK_FIELD_ELEMENT  0x3fffffffffffffff
#define SECURITY_BITS       128
 
#define BIT_LENGTH_PATH     256
#define TRITLENGTH_PATH     162
 
// Field characteristic p
static const uint64_t FIELD_CHARACTERISTIC[FIELD_64BITS_WORDS] = {
    0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0x323FFFFFFFFFFFFF
};
 
// Neutral multiplicative in Montgomery domain: R = 2ᵉ mod p
static const uint64_t MONTGOMERY_CONSTANT_ONE[FIELD_64BITS_WORDS] = {
    0x5, 0x0, 0x0, 0x4C0000000000000
};
 
// Montgomery constant R² = (2ᵉ)² mod p where e = 0 mod 64 s.t. 2ᵉ⁻⁶⁴ < p < 2ᵉ
static const uint64_t MONTGOMERY_CONSTANT_R_SQUARED[FIELD_64BITS_WORDS] = {
    0x1460CBC7F5CF9A35, 0x51832F1FD73E6870, 0x460CBC7F5CF9A1C0, 0x30F2F1FD73E68701
};
 
// Exponent constant required for field inversion: p - 2
static const uint64_t FIELD_INVERSION_EXPONENT[FIELD_64BITS_WORDS] = {
    0xFFFFFFFFFFFFFFFD, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0x323FFFFFFFFFFFFF
};
 
// Exponent constant required for computing square-roots in GF(p): (p - 1) / 2
static const uint64_t SQUARE_ROOT_EXPONENT_12[FIELD_64BITS_WORDS] = {
    0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0x191FFFFFFFFFFFFF
};
 
// Exponent constant required for computing square-roots in GF(p²): (p - 3) / 4
static const uint64_t SQUARE_ROOT_EXPONENT_34[FIELD_64BITS_WORDS] = {
    0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0xC8FFFFFFFFFFFFF
};
 
// Exponent constant required for computing square-roots in GF(p²): (p + 1) / 4
static const uint64_t SQUARE_ROOT_EXPONENT_14[FIELD_64BITS_WORDS] = {
    0x0, 0x0, 0x0, 0xC90000000000000
};
 
#define SSEC_CUBE_ROOT_OVER_FP
// Exponent constant required for computing square-roots in GF(p): (2p - 1) / 3
static const uint64_t CUBE_ROOT_EXPONENT_213[FIELD_64BITS_WORDS] = {
    0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0x217FFFFFFFFFFFFF
};
 
// Exponent constant required for computing cube-roots
#define CUBE_ROOT_EXPONENT_BITS         506
static const uint64_t CUBE_ROOT_EXPONENT[2 * FIELD_64BITS_WORDS] = {
    0xAAAAAAAAAAAAAAAB, 0xAAAAAAAAAAAAAAAA, 0xAAAAAAAAAAAAAAAA, 0xE9AAAAAAAAAAAAAA,
    0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0x2311FFFFFFFFFFF
};
 
// Cube root of unity in Montgomery domain
static const uint64_t CUBE_ROOT_OF_UNITY[2 * FIELD_64BITS_WORDS] = {
    0xFFFFFFFFFFFFFFFD, 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF, 0x16BFFFFFFFFFFFFF,
    0x2BE85CAD6563F718, 0xB8E8A26AB9843F5A, 0x70BC8344180A86C, 0x10A792838EB830EF
};
 
static const uint64_t ONE_HALF[FIELD_64BITS_WORDS] = {
        0x0000000000000002, 0x0000000000000000, 0x0000000000000000, 0x1B80000000000000
};
 
static const uint64_t ONE_THIRD[FIELD_64BITS_WORDS] = {
    0x5555555555555557, 0x5555555555555555, 0x5555555555555555, 0x195555555555555
};
 
static const uint64_t ONE_NINTH[FIELD_64BITS_WORDS] = {
    0x71C71C71C71C71C7, 0xC71C71C71C71C71C, 0x1C71C71C71C71C71, 0x22071C71C71C71C7
};
 
static const uint64_t ONE_BY_27[FIELD_64BITS_WORDS] = {
    0x7B425ED097B425ED, 0x425ED097B425ED09, 0x5ED097B425ED097B, 0xB57B425ED097B42
};
 
#endif // SSEC_PARAMETERS_P254_H