DiSSECT

Name	ed-256-mont
Category	nums
Description	Original nums curve from https://eprint.iacr.org/2014/130.pdf
Field	Prime (0xffa7ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff)
Field bits	256
Form	Twisted Edwards $ax^2 + y^2 = 1 + dx^2y^2$
Param $a$	0xffa7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe
Param $d$	0x350a

Order	0x3fe9ffffffffffffffffffffffffffffb154bbafb86733c966d92eded8ec7bab
Cofactor	0x4
$j$-invariant	0x518d79145010414d302bdda036cde5e5ba872b130a5dcf09e8ee5efbf18f09b8
Trace $t$	0x13aad11411e6330da649b44849c4e1154
Embedding degree $k$	0x3fe9ffffffffffffffffffffffffffffb154bbafb86733c966d92eded8ec7baa
CM discriminant	-0x9ef4bf2afb91f8dfa6e3fafa97647fec3e69b0aef222804896c8911cc3e8ef1b

$\text{cofactor}()$
order	0x3fe9ffffffffffffffffffffffffffffb154bbafb86733c966d92eded8ec7bab
cofactor	0x4

$\text{discriminant}()$
cm_disc	-0x9ef4bf2afb91f8dfa6e3fafa97647fec3e69b0aef222804896c8911cc3e8ef1b
factorization	['0x2', '0x2', '0x71', '0xf43', '0x10fb5', '0xef03311f', '0x17cfd71b644129d26145a7299e39c167cf8d72c72b9747cb']
max_conductor	0x2

$\text{twist_order}(deg=1)$
twist_cardinality	0xffa800000000000000000000000000013aad11411e6330da649b44849c4e1154
factorization	None

$\text{twist_order}(deg=2)$
twist_cardinality	0xff501e3ffffffffffffffffffffffffffffffffffffffffffffffffffffffffd842d035411b81c8164701415a26e004f06593d443775fedda4ddbb8cf05c4394
factorization	None

$\text{kn_factorization}(k=1)$
(+)factorization	NO DATA (timed out)
(+)largest_factor_bitlen	NO DATA (timed out)
(-)factorization	['0x3', '0x13', '0xad', '0x1070b', '0x14dca63a3', '0x4f43846c4c829548fc244e9c7695d9391bc16fdcf1594cc6f']
(-)largest_factor_bitlen	0xc3

$\text{kn_factorization}(k=2)$
(+)factorization	NO DATA (timed out)
(+)largest_factor_bitlen	NO DATA (timed out)
(-)factorization	['0x53', '0x6290f6bf3a9a3784a062b2e43dafcea6148f0299c91a8761c6b4b7517fe1e6d']
(-)largest_factor_bitlen	0xfb

$\text{kn_factorization}(k=3)$
(+)factorization	['0x1d', '0x15091', '0x12422d97d', '0x1652d7a075', '0xca270e1c60fa63eec5550a3d988579d138c29739d9']
(+)largest_factor_bitlen	0xa8
(-)factorization	NO DATA (timed out)
(-)largest_factor_bitlen	NO DATA (timed out)

$\text{kn_factorization}(k=4)$
(+)factorization	NO DATA (timed out)
(+)largest_factor_bitlen	NO DATA (timed out)
(-)factorization	['0x3', '0x5', '0x8909', '0x2a61f', '0x301484c8c7e98b6a312f457634a19ff737677e52eaddc6e0d1a70547']
(-)largest_factor_bitlen	0xde

$\text{kn_factorization}(k=5)$
(+)factorization	['0x3', '0x2f', '0x44153', '0x9af054d', '0x99d6c800b', '0x47a6c98b289b9', '0x194d86e32302b49', '0xd3c0aaa423bf2f45']
(+)largest_factor_bitlen	0x40
(-)factorization	['0xff70f7', '0x50113c715e73bef9bf389856157100e013dce3b19ab7abc528bb29915bd']
(-)largest_factor_bitlen	0xeb

$\text{kn_factorization}(k=6)$
(+)factorization	['0x5', '0x5', '0x17', '0x67', '0x137', '0x12631b22d765', '0xde4940a09e4e1e0e02b', '0x57837cd1e173e3542f815dc950721']
(+)largest_factor_bitlen	0x73
(-)factorization	NO DATA (timed out)
(-)largest_factor_bitlen	NO DATA (timed out)

$\text{kn_factorization}(k=7)$
(+)factorization	['0x11', '0x133', '0x338b9', '0x773839d3', '0x3a829a699db55a7d3281cf84b609ea138e5520e66a01605fe5']
(+)largest_factor_bitlen	0xc6
(-)factorization	['0x3', '0x3', '0x19f85', '0x109093', '0x11d7a77', '0x6a1c8bde0f6c4a98a4164d0f06aa4862ba357b9a733950d63']
(-)largest_factor_bitlen	0xc3

$\text{kn_factorization}(k=8)$
(+)factorization	['0x3', '0x25', '0x71', '0x191', '0x1aa623563a6bdef227491259af97ed82f779d1bed6a51503190a83e4b02f']
(+)largest_factor_bitlen	0xed
(-)factorization	NO DATA (timed out)
(-)largest_factor_bitlen	NO DATA (timed out)

$\text{torsion_extension}(l=2)$
least	0x1
full	0x2
relative	0x2

$\text{torsion_extension}(l=3)$
least	0x8
full	0x8
relative	0x1

$\text{torsion_extension}(l=5)$
least	0x18
full	0x18
relative	0x1

$\text{torsion_extension}(l=7)$
least	0xc
full	0xc
relative	0x1

$\text{torsion_extension}(l=11)$
least	0x28
full	0x28
relative	0x1

$\text{torsion_extension}(l=13)$
least	0x38
full	0x38
relative	0x1

$\text{torsion_extension}(l=17)$
least	0x8
full	0x10
relative	0x2

$\text{conductor}(deg=2)$
ratio_sqrt	0x13aad11411e6330da649b44849c4e1154
factorization	['0x2', '0x2', '0x7', '0x3b3', '0x827', '0xdb67', '0x6f50847245f6adc29d4501']

$\text{conductor}(deg=3)$
ratio_sqrt	0x8325035411b81c8164701415a26e004f06593d443775fedda4ddbb8cf05c4391
factorization	NO DATA (timed out)

$\text{conductor}(deg=4)$
ratio_sqrt	0x990cd6d401455e1ef1fd7bfb96475befef842246518172ef6ef18bea57910adc02b216538249ac5fc375053972c12218
factorization	NO DATA (timed out)

$\text{embedding}()$
embedding_degree_complement	0x1
complement_bit_length	0x1

$\text{class_number}()$
upper	0x2c6357fbe3accfe956e9dd9c119b371ab0
lower	0xd54034

$\text{small_prime_order}(l=2)$
order	None
complement_bit_length	None

$\text{small_prime_order}(l=3)$
order	0x3fe9ffffffffffffffffffffffffffffb154bbafb86733c966d92eded8ec7baa
complement_bit_length	0x2

$\text{small_prime_order}(l=5)$
order	0x1ff4ffffffffffffffffffffffffffffd8aa5dd7dc3399e4b36c976f6c763dd5
complement_bit_length	0x3

$\text{small_prime_order}(l=7)$
order	0x3fe9ffffffffffffffffffffffffffffb154bbafb86733c966d92eded8ec7baa
complement_bit_length	0x2

$\text{small_prime_order}(l=11)$
order	0x442ccccccccccccccccccccccccccccc78e2ea5508f69da3a0e7a9763cb7fb6
complement_bit_length	0x5

$\text{small_prime_order}(l=13)$
order	0x1ff4ffffffffffffffffffffffffffffd8aa5dd7dc3399e4b36c976f6c763dd5
complement_bit_length	0x3

$\text{division_polynomials}(l=2)$
factorization	[['0x1', '0x1'], ['0x2', '0x1']]
len	0x2

$\text{division_polynomials}(l=3)$
factorization	[['0x4', '0x1']]
len	0x1

$\text{division_polynomials}(l=5)$
factorization	[['0xc', '0x1']]
len	0x1

$\text{volcano}(l=2)$
crater_degree	0x0
depth	0x1

$\text{volcano}(l=3)$
crater_degree	0x0
depth	0x0

$\text{volcano}(l=5)$
crater_degree	0x0
depth	0x0

$\text{volcano}(l=7)$
crater_degree	0x0
depth	0x0

$\text{volcano}(l=11)$
crater_degree	0x0
depth	0x0

$\text{volcano}(l=13)$
crater_degree	0x0
depth	0x0

$\text{volcano}(l=17)$
crater_degree	0x2
depth	0x0

$\text{volcano}(l=19)$
crater_degree	0x0
depth	0x0

$\text{isogeny_extension}(l=2)$
least	0x1
full	0x2
relative	0x2

$\text{isogeny_extension}(l=3)$
least	0x4
full	0x4
relative	0x1

$\text{isogeny_extension}(l=5)$
least	0x6
full	0x6
relative	0x1

$\text{isogeny_extension}(l=7)$
least	0x2
full	0x2
relative	0x1

$\text{isogeny_extension}(l=11)$
least	0x4
full	0x4
relative	0x1

$\text{isogeny_extension}(l=13)$
least	0xe
full	0xe
relative	0x1

$\text{isogeny_extension}(l=17)$
least	0x1
full	0x10
relative	0x10

$\text{isogeny_extension}(l=19)$
least	0xa
full	0xa
relative	0x1

$\text{trace_factorization}(deg=1)$
trace	0x13aad11411e6330da649b44849c4e1154
trace_factorization	['0x2', '0x2', '0x7', '0x3b3', '0x827', '0xdb67', '0x6f50847245f6adc29d4501']
number_of_factors	0x6

$\text{trace_factorization}(deg=2)$
trace	0x13aad11411e6330da649b44849c4e1154
trace_factorization	['0x2', '0x3', '0x3', '0xb', '0x161', '0x6a1', '0x119caac9e48600cdcd855ac5ed5f0bbb71fa915bbfd9f4cc857b2ebd1d']
number_of_factors	0x6

$\text{isogeny_neighbors}(l=2)$
len	0x1

$\text{isogeny_neighbors}(l=3)$
len	0x0

$\text{isogeny_neighbors}(l=5)$
len	0x0

$\text{q_torsion}()$
Q_torsion	0x1

$\text{hamming_x}(weight=1)$
x_coord_count	0x77
expected	0x80
ratio	1.07563

$\text{hamming_x}(weight=2)$
x_coord_count	0x3fe4
expected	0x3fc0
ratio	0.9978

$\text{hamming_x}(weight=3)$
x_coord_count	0x15205b
expected	0x151580
ratio	0.99799

$\text{square_4p1}()$
p	0x1
order	0x1

$\text{pow_distance}()$
distance	0x5800000000000000000000000000013aad11411e6330da649b44849c4e1154
ratio	743.72727
distance 32	0xc
distance 64	0x14

$\text{multiples_x}(k=1)$
Hx	None
bits	None
difference	None
ratio	None

$\text{multiples_x}(k=2)$
Hx	None
bits	None
difference	None
ratio	None

$\text{multiples_x}(k=3)$
Hx	None
bits	None
difference	None
ratio	None

$\text{multiples_x}(k=4)$
Hx	None
bits	None
difference	None
ratio	None

$\text{multiples_x}(k=5)$
Hx	None
bits	None
difference	None
ratio	None

$\text{multiples_x}(k=6)$
Hx	None
bits	None
difference	None
ratio	None

$\text{multiples_x}(k=7)$
Hx	None
bits	None
difference	None
ratio	None

$\text{multiples_x}(k=8)$
Hx	None
bits	None
difference	None
ratio	None

$\text{multiples_x}(k=9)$
Hx	None
bits	None
difference	None
ratio	None

$\text{multiples_x}(k=10)$
Hx	None
bits	None
difference	None
ratio	None

$\text{x962_invariant}()$
r	0xefe0c841e3ef76e32aa751d4ce5413a0dc21292f1a5a8c984de2a6d9ad6b03ff

$\text{brainpool_overlap}()$
o	-0xa5cc80f39ec7949ba31f74d1

$\text{weierstrass}()$
a	0x46f46e898d76fdeb3e1c847d22da305ea66abef15087e591602e22654cdc0183
b	0xf6546684fef5b700effb7654871f4eb20bf3c09a23f76395492eec0c94ad9ee2

Curve detail

Definition

Characteristics

Traits