DiSSECT

Name	w-254-mont
Category	nums
Description	Original nums curve from https://eprint.iacr.org/2014/130.pdf
Field	Prime (0x3f80ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff)
Field bits	254
Form	Weierstrass $y^{2} = x^{3} + a x + b$
Param $a$	0x3f80fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc
Param $b$	-0x2f72

Order	0x3f80ffffffffffffffffffffffffffffeb818bea0da375c06fa419c4af8df83f
Cofactor	0x1
$j$ -invariant	0x241bdb147c4142e61d7b9951a5890233884e3b890c9b6933f01b832cb776362
Trace $t$	0x147e7415f25c8a3f905be63b507207c1
Embedding degree $k$	0xcb36666666666666666666666666666624d1bfb9c53e459afed9ec0efe931a6
CM discriminant	-0xfc5fff6617e311c874f4297b4c0b5f269ab3a1cac911feec4904296677dfe07b

$cofactor ()$
order	0x3f80ffffffffffffffffffffffffffffeb818bea0da375c06fa419c4af8df83f
cofactor	0x1

$discriminant ()$
cm_disc	-0xfc5fff6617e311c874f4297b4c0b5f269ab3a1cac911feec4904296677dfe07b
factorization	['0x7', '0x3b', '0xbbff7', '0x56ed308d', '0x2735a0963c47f995916ae583e16403e6c3dfb4c9093a59a345']
max_conductor	0x1

$twist_order (d e g = 1)$
twist_cardinality	0x3f810000000000000000000000000000147e7415f25c8a3f905be63b507207c1
factorization	None

$twist_order (d e g = 2)$
twist_cardinality	0xfc0bf00ffffffffffffffffffffffffffffffffffffffffffffffffffffffff03a00099e81cee378b0bd684b3f4a0d9654c5e3536ee0113b6fbd69988201f85
factorization	None

$kn_factorization (k = 1)$
(+)factorization	['0x2', '0x2', '0x2', '0x2', '0x2', '0x2', '0xcd857bb', '0xacd9b459', '0x29ab55d7718e45', '0x1cd9a8b1a7707ded', '0x63ca4594a554a3589ab']
(+)largest_factor_bitlen	0x4b
(-)factorization	['0x2', '0x3', '0x5', '0xb', '0x732b27f', '0x6d812e8142ac0506f0754dbd83650dca2565b6ae64964eb4416c60d']
(-)largest_factor_bitlen	0xdb

$kn_factorization (k = 2)$
(+)factorization	['0x3', '0x3', '0x29', '0x63d9', '0xac27', '0x4322e1e9', '0x8eb1df657b', '0x43d99a0980e9', '0x65a8472eb8d9', '0x554c4cdff21d1b']
(+)largest_factor_bitlen	0x37
(-)factorization	['0x7', '0xd', '0x1d', '0x15b', '0x557', '0x23fb6f', '0x8ebbddff9', '0x15b88f8ca0a498b5643776d6772374e1514b8fb2959']
(-)largest_factor_bitlen	0xa9

$kn_factorization (k = 3)$
(+)factorization	['0x2', '0x49d50ad1f8bffe1', '0x14a48618ca8cd7bd814766833f2f43e5c228cbacdab1f07c3f']
(+)largest_factor_bitlen	0xc5
(-)factorization	['0x2', '0x2', '0x2f', '0x125', '0x2e3', '0x4e84b8ba4f86c3523629ad42c6a89d2376c17fa917f7e8190ffbbd132f']
(-)largest_factor_bitlen	0xe7

$kn_factorization (k = 4)$
(+)factorization	['0x5', '0x4006f9', '0xbca2125', '0x5278c0fd', '0x9a05300de45029', '0x58e477a0b85d123e9a010a811247a9']
(+)largest_factor_bitlen	0x77
(-)factorization	['0x3', '0x74b', '0x9ba21a8dd', '0x430dcb422bf', '0x6ea49f00c26251', '0xa8b221f82592bce37920d5410259']
(-)largest_factor_bitlen	0x70

$kn_factorization (k = 5)$
(+)factorization	['0x2', '0x2', '0x3', '0x7', '0x25cf2069268f', '0x4bbb8cb173711', '0x5683ddc60f7365bc13741e394d6e126ba6fecad']
(+)largest_factor_bitlen	0x9b
(-)factorization	['0x2', '0x13', '0xca375', '0xa9403ef43b2e4f8bd3d683c5bb20c1fb1850174c23944878f10912a573']
(-)largest_factor_bitlen	0xe8

$kn_factorization (k = 6)$
(+)factorization	['0x1d661d6c241c75', '0xcf5e17a1ca4519b2da594c10edee6fa41726a516dab8f75382f']
(+)largest_factor_bitlen	0xcc
(-)factorization	['0x5', '0x11', '0x18b9', '0xe595f1a31019229', '0x33c1e6e1128a3fe713f6d7170db4f5d0840df943bf475']
(-)largest_factor_bitlen	0xb2

$kn_factorization (k = 7)$
(+)factorization	['0x2', '0x43', '0x49', '0x17b', '0x283', '0x6b59', '0x1d80c81', '0x9414067', '0x58332fc1', '0xd04303ed3', '0x136732b89e8b', '0x14946ae87e629']
(+)largest_factor_bitlen	0x31
(-)factorization	['0x2', '0x2', '0x2', '0x3', '0x3', '0x3', '0x2e1d342991a317', '0x15b72abfe1f4715', '0x86af87e8cd193bd34d1f4992dd318df1ea7']
(-)largest_factor_bitlen	0x8c

$kn_factorization (k = 8)$
(+)factorization	['0x3', '0x89', '0x1ec07', '0x338e6de3', '0x33184712edb84faab4fcc03073564062fadf9f99993e8fb8c6f']
(+)largest_factor_bitlen	0xca
(-)factorization	['0xe5', '0x943', '0x6fed1', '0x30b3841733', '0x406700e925f9dd26c62a7', '0xb728efc8faaa136fdfa136895']
(-)largest_factor_bitlen	0x64

$torsion_extension (l = 2)$
least	0x3
full	0x3
relative	0x1

$torsion_extension (l = 3)$
least	0x8
full	0x8
relative	0x1

$torsion_extension (l = 5)$
least	0x6
full	0x6
relative	0x1

$torsion_extension (l = 7)$
least	0x6
full	0x7
relative	0x1

$torsion_extension (l = 11)$
least	0x5
full	0x5
relative	0x1

$torsion_extension (l = 13)$
least	0x18
full	0x18
relative	0x1

$torsion_extension (l = 17)$
least	0x18
full	0x18
relative	0x1

$conductor (d e g = 2)$
ratio_sqrt	0x147e7415f25c8a3f905be63b507207c1
factorization	['0xd', '0x49', '0x513b24d790687', '0x116c3bbaf7caeebfb']

$conductor (d e g = 3)$
ratio_sqrt	0x3ddcff6617e311c874f4297b4c0b5f269ab3a1cac911feec4904296677dfe07e
factorization	['0x2', '0x5', '0x11', '0xb3', '0x853b92f46801e642c588621635c4de382fae2d03cb743465a2739a5c7031']

$conductor (d e g = 4)$
ratio_sqrt	0xa094511053de2435b41ee1728c2e21d69e845624a67313a74175a131d577da77c5336a3629d3cdb7f14662f8695a93d
factorization	['0x3', '0xd', '0x49', '0x102b', '0x3d2b7ed78f84b', '0x513b24d790687', '0x116c3bbaf7caeebfb', '0xad12af1dea2f4d66f2bc104f57f9cc1ce1f2a3b684bfe1d7']

$embedding ()$
embedding_degree_complement	0x5
complement_bit_length	0x3

$class_number ()$
upper	0x3813ae3ecb9accb14bc3cc8bc4b1347a43
lower	0x4d276b

$small_prime_order (l = 2)$
order	0x659b33333333333333333333333333331268dfdce29f22cd7f6cf6077f498d3
complement_bit_length	0x4

$small_prime_order (l = 3)$
order	0x3f80ffffffffffffffffffffffffffffeb818bea0da375c06fa419c4af8df83e
complement_bit_length	0x1

$small_prime_order (l = 5)$
order	0x659b33333333333333333333333333331268dfdce29f22cd7f6cf6077f498d3
complement_bit_length	0x4

$small_prime_order (l = 7)$
order	0x152afffffffffffffffffffffffffffff92b2ea359e127402536b3418fd9fd6a
complement_bit_length	0x2

$small_prime_order (l = 11)$
order	0xcb36666666666666666666666666666624d1bfb9c53e459afed9ec0efe931a6
complement_bit_length	0x3

$small_prime_order (l = 13)$
order	0x5c5e8ba2e8ba2e8ba2e8ba2e8ba2e8ba10bc6e6bb6bf36e95c9199d8452b97a
complement_bit_length	0x4

$division_polynomials (l = 2)$
factorization	[['0x3', '0x1']]
len	0x1

$division_polynomials (l = 3)$
factorization	[['0x4', '0x1']]
len	0x1

$division_polynomials (l = 5)$
factorization	[['0x3', '0x4']]
len	0x1

$volcano (l = 2)$
crater_degree	0x0
depth	0x0

$volcano (l = 3)$
crater_degree	0x0
depth	0x0

$volcano (l = 5)$
crater_degree	0x0
depth	0x0

$volcano (l = 7)$
crater_degree	0x1
depth	0x0

$volcano (l = 11)$
crater_degree	0x2
depth	0x0

$volcano (l = 13)$
crater_degree	0x0
depth	0x0

$volcano (l = 17)$
crater_degree	0x0
depth	0x0

$volcano (l = 19)$
crater_degree	0x2
depth	0x0

$isogeny_extension (l = 2)$
least	0x3
full	0x3
relative	0x1

$isogeny_extension (l = 3)$
least	0x4
full	0x4
relative	0x1

$isogeny_extension (l = 5)$
least	0x3
full	0x3
relative	0x1

$isogeny_extension (l = 7)$
least	0x1
full	0x7
relative	0x7

$isogeny_extension (l = 11)$
least	0x1
full	0x5
relative	0x5

$isogeny_extension (l = 13)$
least	0x2
full	0x2
relative	0x1

$isogeny_extension (l = 17)$
least	0x3
full	0x3
relative	0x1

$isogeny_extension (l = 19)$
least	0x1
full	0x9
relative	0x9

$trace_factorization (d e g = 1)$
trace	0x147e7415f25c8a3f905be63b507207c1
trace_factorization	['0xd', '0x49', '0x513b24d790687', '0x116c3bbaf7caeebfb']
number_of_factors	0x4

$trace_factorization (d e g = 2)$
trace	0x147e7415f25c8a3f905be63b507207c1
trace_factorization	['0x3', '0x102b', '0x3d2b7ed78f84b', '0xad12af1dea2f4d66f2bc104f57f9cc1ce1f2a3b684bfe1d7']
number_of_factors	0x4

$isogeny_neighbors (l = 2)$
len	0x0

$isogeny_neighbors (l = 3)$
len	0x0

$isogeny_neighbors (l = 5)$
len	0x0

$q_torsion ()$
Q_torsion	0x1

$hamming_x (w e i g h t = 1)$
x_coord_count	0x81
expected	0x7f
ratio	0.9845

$hamming_x (w e i g h t = 2)$
x_coord_count	0x3fa4
expected	0x3ec1
ratio	0.98607

$hamming_x (w e i g h t = 3)$
x_coord_count	0x149cca
expected	0x14977e
ratio	0.999

$square_4p1 ()$
p	0x1
order	0x1

$pow_distance ()$
distance	0x7f0000000000000000000000000000147e7415f25c8a3f905be63b507207c1
ratio	128.00787
distance 32	0x1
distance 64	0x1

$multiples_x (k = 1)$
Hx	None
bits	None
difference	None
ratio	None

$multiples_x (k = 2)$
Hx	None
bits	None
difference	None
ratio	None

$multiples_x (k = 3)$
Hx	None
bits	None
difference	None
ratio	None

$multiples_x (k = 4)$
Hx	None
bits	None
difference	None
ratio	None

$multiples_x (k = 5)$
Hx	None
bits	None
difference	None
ratio	None

$multiples_x (k = 6)$
Hx	None
bits	None
difference	None
ratio	None

$multiples_x (k = 7)$
Hx	None
bits	None
difference	None
ratio	None

$multiples_x (k = 8)$
Hx	None
bits	None
difference	None
ratio	None

$multiples_x (k = 9)$
Hx	None
bits	None
difference	None
ratio	None

$multiples_x (k = 10)$
Hx	None
bits	None
difference	None
ratio	None

$x962_invariant ()$
r	0x257b46b4007528497a9d0fc152d5bed262c2a58eb7f26dd99a8e09ff2b9a21

$brainpool_overlap ()$
o	0x1ffffffffffffffffffffffd

$weierstrass ()$
a	0x3f80fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc
b	-0x2f72

Curve detail

Definition

Characteristics

Traits