Curve detail
Definition
| Name | w-256-mont |
|---|---|
| Category | nums |
| Description | Original nums curve from https://eprint.iacr.org/2014/130.pdf |
| Field | Prime (0xffa7ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff) |
| Field bits | 256 |
| Form | Weierstrass $y^2 = x^3 + ax + b$ |
| Param $a$ | 0xffa7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc |
| Param $b$ | 0x14e6a |
Characteristics
| Order | 0xffa7fffffffffffffffffffffffffffffc517513e6e5074b9d10c5e1a79857eb |
| Cofactor | 0x1 |
| $j$-invariant | 0xbdd11a669cf91ff7ba81bd7a3159895c9af1a2ae722e0dd0a63e11de0d5777a0 |
| Trace $t$ | 0x3ae8aec191af8b462ef3a1e5867a815 |
| Embedding degree $k$ | 0x7fd3fffffffffffffffffffffffffffffe28ba89f37283a5ce8862f0d3cc2bf5 |
| CM discriminant | -0x3fe9271bd5313d8b2502498c5435cb527c270b363ccc4c09445cda98ce0be6e43 |
Traits
| $\text{cofactor}()$ | |
|---|---|
| order | 0xffa7fffffffffffffffffffffffffffffc517513e6e5074b9d10c5e1a79857eb |
| cofactor | 0x1 |
| $\text{discriminant}()$ | |
| cm_disc | -0x3fe9271bd5313d8b2502498c5435cb527c270b363ccc4c09445cda98ce0be6e43 |
| factorization | ['0x7', '0x9214ebad5502d5d054978389e50d3e7364eb8757666540152e8b1838b26458e5'] |
| max_conductor | 0x1 |
| $\text{twist_order}(deg=1)$ | |
| twist_cardinality | 0xffa8000000000000000000000000000003ae8aec191af8b462ef3a1e5867a815 |
| factorization | None |
| $\text{twist_order}(deg=2)$ | |
| twist_cardinality | 0xff501e3ffffffffffffffffffffffffffffffffffffffffffffffffffffffffc016d8e42acec274dafdb673abca34ad83d8f4c9c333b3f6bba3256731f4191bd |
| factorization | None |
| $\text{kn_factorization}(k=1)$ | |
| (+)factorization | ['0x2', '0x2', '0x11', '0x17', '0xa8b', '0xe21', '0x138b', '0x1ee9f2af315f', '0x1e79407b57e1a3f1659dc650d0602cb3624ab88eab'] |
| (+)largest_factor_bitlen | 0xa5 |
| (-)factorization | ['0x2', '0x3', '0xc26ccd91e3a7', '0x14f601e0439350606e3', '0x2ad34f0e0d72bd08ed9074be46ff05adcb'] |
| (-)largest_factor_bitlen | 0x86 |
| $\text{kn_factorization}(k=2)$ | |
| (+)factorization | ['0x3', '0x293', '0x449', '0x1b2d0c7dc863', '0x918c6eb0cbfe2297d69e0ac64d442063d7c5115bac9d7a3d'] |
| (+)largest_factor_bitlen | 0xc0 |
| (-)factorization | ['0x5', '0x17cbd5e8a7', '0x7e0114ce4b99b3caf', '0x8bb2197cefc5f297fc32dda53852424fa29d29'] |
| (-)largest_factor_bitlen | 0x98 |
| $\text{kn_factorization}(k=3)$ | |
| (+)factorization | ['0x2', '0x5', '0x7', '0x6d', '0x2738b', '0x4d5298ddb05f', '0x22c164dce8cc681db29e97474609238c08e29500d79d5b'] |
| (+)largest_factor_bitlen | 0xb6 |
| (-)factorization | ['0x2', '0x2', '0x2', '0x2', '0x2', '0x2', '0xbfbdfffffffffffffffffffffffffffffd3d17ceed2bc578b5cc94693db241f'] |
| (-)largest_factor_bitlen | 0xfc |
| $\text{kn_factorization}(k=4)$ | |
| (+)factorization | NO DATA (timed out) |
| (+)largest_factor_bitlen | NO DATA (timed out) |
| (-)factorization | ['0x3', '0x3', '0x7', '0x51eaa7d91d705b', '0x32ba3fe03c518544be41c319b85a82e45b3a8276250c0e44cf'] |
| (-)largest_factor_bitlen | 0xc6 |
| $\text{kn_factorization}(k=5)$ | |
| (+)factorization | ['0x2', '0x2', '0x2', '0x3', '0x3', '0x3', '0x1f', '0x1c46f', '0x8138025ced7', '0x6ffc471a8be3', '0x7d3c6131b33d1e7cec7d58866b9ca19ac65'] |
| (+)largest_factor_bitlen | 0x8b |
| (-)factorization | NO DATA (timed out) |
| (-)largest_factor_bitlen | NO DATA (timed out) |
| $\text{kn_factorization}(k=6)$ | |
| (+)factorization | ['0xd', '0x2f', '0xcade13', '0x20fcef69', '0x10b35b94d55613', '0x178dd46d6dfe6743f91116f985fc3852dec51'] |
| (+)largest_factor_bitlen | 0x91 |
| (-)factorization | NO DATA (timed out) |
| (-)largest_factor_bitlen | NO DATA (timed out) |
| $\text{kn_factorization}(k=7)$ | |
| (+)factorization | ['0x2', '0x25b1ca5cad29', '0x24be40ec068af043d29c6177', '0xa563e485575ab6a270ece6e03248d9'] |
| (+)largest_factor_bitlen | 0x78 |
| (-)factorization | ['0x2', '0x2', '0x3', '0x5', '0xb', '0xd', '0x3565536c7c993df0f65536c7c993df0f648e90fe4f0408af3d912b1e8a5bbb'] |
| (-)largest_factor_bitlen | 0xf6 |
| $\text{kn_factorization}(k=8)$ | |
| (+)factorization | ['0x3', '0x5', '0x5', '0x115', '0xd00ab', '0xbc4fbe61', '0x545aba5138b7dc73f613605', '0x7ff26ef9d2d71be8cb3b8af6b9'] |
| (+)largest_factor_bitlen | 0x67 |
| (-)factorization | ['0x21d', '0x3c7cec9950eab4c2f51dcfbbdc0976c5cb13bef4259823cbdb57b9772a04d03'] |
| (-)largest_factor_bitlen | 0xfa |
| $\text{torsion_extension}(l=2)$ | |
| least | 0x3 |
| full | 0x3 |
| relative | 0x1 |
| $\text{torsion_extension}(l=3)$ | |
| least | 0x8 |
| full | 0x8 |
| relative | 0x1 |
| $\text{torsion_extension}(l=5)$ | |
| least | 0x8 |
| full | 0x8 |
| relative | 0x1 |
| $\text{torsion_extension}(l=7)$ | |
| least | 0x6 |
| full | 0x7 |
| relative | 0x1 |
| $\text{torsion_extension}(l=11)$ | |
| least | 0x78 |
| full | 0x78 |
| relative | 0x1 |
| $\text{torsion_extension}(l=13)$ | |
| least | 0x6 |
| full | 0xc |
| relative | 0x2 |
| $\text{torsion_extension}(l=17)$ | |
| least | 0x4 |
| full | 0x10 |
| relative | 0x4 |
| $\text{conductor}(deg=2)$ | |
| ratio_sqrt | 0x3ae8aec191af8b462ef3a1e5867a815 |
| factorization | ['0x5', '0x27a7', '0x4c1084705d732eb63fae804aec7'] |
| $\text{conductor}(deg=3)$ | |
| ratio_sqrt | 0xff9a71bd5313d8b2502498c5435cb527c270b363ccc4c09445cda98ce0be6e46 |
| factorization | ['0x2', '0x17', '0x1acf', '0xdc02d6b773', '0x1fb80cb4fc0f', '0x1f24ce3ef2656ddd046b8933e8a98f5505b27b7'] |
| $\text{conductor}(deg=4)$ | |
| ratio_sqrt | 0x75a5befdb5bf6e45212beab237018f37028c576b383e5656f3101fba5e48070685b4085cdf8c3f12dcacca77dbf53a9 |
| factorization | NO DATA (timed out) |
| $\text{embedding}()$ | |
| embedding_degree_complement | 0x2 |
| complement_bit_length | 0x2 |
| $\text{class_number}()$ | |
| upper | 0x71c48652fbc991658016abcfe4d4daf05a |
| lower | 0x1 |
| $\text{small_prime_order}(l=2)$ | |
| order | 0x5537fffffffffffffffffffffffffffffec5d1b14cf7026e89b041f5e2881d4e |
| complement_bit_length | 0x2 |
| $\text{small_prime_order}(l=3)$ | |
| order | 0x5537fffffffffffffffffffffffffffffec5d1b14cf7026e89b041f5e2881d4e |
| complement_bit_length | 0x2 |
| $\text{small_prime_order}(l=5)$ | |
| order | 0x5537fffffffffffffffffffffffffffffec5d1b14cf7026e89b041f5e2881d4e |
| complement_bit_length | 0x2 |
| $\text{small_prime_order}(l=7)$ | |
| order | 0x5537fffffffffffffffffffffffffffffec5d1b14cf7026e89b041f5e2881d4e |
| complement_bit_length | 0x2 |
| $\text{small_prime_order}(l=11)$ | |
| order | 0x7fd3fffffffffffffffffffffffffffffe28ba89f37283a5ce8862f0d3cc2bf5 |
| complement_bit_length | 0x2 |
| $\text{small_prime_order}(l=13)$ | |
| order | 0xffa7fffffffffffffffffffffffffffffc517513e6e5074b9d10c5e1a79857ea |
| complement_bit_length | 0x1 |
| $\text{division_polynomials}(l=2)$ | |
| factorization | [['0x3', '0x1']] |
| len | 0x1 |
| $\text{division_polynomials}(l=3)$ | |
| factorization | [['0x4', '0x1']] |
| len | 0x1 |
| $\text{division_polynomials}(l=5)$ | |
| factorization | [['0x4', '0x3']] |
| len | 0x1 |
| $\text{volcano}(l=2)$ | |
| crater_degree | 0x0 |
| depth | 0x0 |
| $\text{volcano}(l=3)$ | |
| crater_degree | 0x0 |
| depth | 0x0 |
| $\text{volcano}(l=5)$ | |
| crater_degree | 0x0 |
| depth | 0x0 |
| $\text{volcano}(l=7)$ | |
| crater_degree | 0x1 |
| depth | 0x0 |
| $\text{volcano}(l=11)$ | |
| crater_degree | 0x0 |
| depth | 0x0 |
| $\text{volcano}(l=13)$ | |
| crater_degree | 0x2 |
| depth | 0x0 |
| $\text{volcano}(l=17)$ | |
| crater_degree | 0x2 |
| depth | 0x0 |
| $\text{volcano}(l=19)$ | |
| crater_degree | 0x0 |
| depth | 0x0 |
| $\text{isogeny_extension}(l=2)$ | |
| least | 0x3 |
| full | 0x3 |
| relative | 0x1 |
| $\text{isogeny_extension}(l=3)$ | |
| least | 0x4 |
| full | 0x4 |
| relative | 0x1 |
| $\text{isogeny_extension}(l=5)$ | |
| least | 0x2 |
| full | 0x2 |
| relative | 0x1 |
| $\text{isogeny_extension}(l=7)$ | |
| least | 0x1 |
| full | 0x7 |
| relative | 0x7 |
| $\text{isogeny_extension}(l=11)$ | |
| least | 0xc |
| full | 0xc |
| relative | 0x1 |
| $\text{isogeny_extension}(l=13)$ | |
| least | 0x1 |
| full | 0xc |
| relative | 0xc |
| $\text{isogeny_extension}(l=17)$ | |
| least | 0x1 |
| full | 0x10 |
| relative | 0x10 |
| $\text{isogeny_extension}(l=19)$ | |
| least | 0x5 |
| full | 0x5 |
| relative | 0x1 |
| $\text{trace_factorization}(deg=1)$ | |
| trace | 0x3ae8aec191af8b462ef3a1e5867a815 |
| trace_factorization | ['0x5', '0x27a7', '0x4c1084705d732eb63fae804aec7'] |
| number_of_factors | 0x3 |
| $\text{trace_factorization}(deg=2)$ | |
| trace | 0x3ae8aec191af8b462ef3a1e5867a815 |
| trace_factorization | NO DATA (timed out) |
| number_of_factors | NO DATA (timed out) |
| $\text{isogeny_neighbors}(l=2)$ | |
| len | 0x0 |
| $\text{isogeny_neighbors}(l=3)$ | |
| len | 0x0 |
| $\text{isogeny_neighbors}(l=5)$ | |
| len | 0x0 |
| $\text{q_torsion}()$ | |
| Q_torsion | 0x1 |
| $\text{hamming_x}(weight=1)$ | |
| x_coord_count | 0x84 |
| expected | 0x80 |
| ratio | 0.9697 |
| $\text{hamming_x}(weight=2)$ | |
| x_coord_count | 0x3fad |
| expected | 0x3fc0 |
| ratio | 1.00117 |
| $\text{hamming_x}(weight=3)$ | |
| x_coord_count | 0x1510d3 |
| expected | 0x151580 |
| ratio | 1.00087 |
| $\text{square_4p1}()$ | |
| p | 0x1 |
| order | 0x3 |
| $\text{pow_distance}()$ | |
| distance | 0x58000000000000000000000000000003ae8aec191af8b462ef3a1e5867a815 |
| ratio | 743.72727 |
| distance 32 | 0xb |
| distance 64 | 0x15 |
| $\text{multiples_x}(k=1)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=2)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=3)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=4)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=5)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=6)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=7)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=8)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=9)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=10)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{x962_invariant}()$ | |
| r | 0x5f9abb8c2b23b29a3da9ee8c8b5e7857b4f50991ae200dd76228fa07482acad3 |
| $\text{brainpool_overlap}()$ | |
| o | 0x7ffffffffffffffffffffffc |
| $\text{weierstrass}()$ | |
| a | 0xffa7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc |
| b | 0x14e6a |