Curve detail
Definition
| Name | w-384-mont |
|---|---|
| Category | nums |
| Description | Original nums curve from https://eprint.iacr.org/2014/130.pdf |
| Field | Prime (0xb0ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff) |
| Field bits | 384 |
| Form | Weierstrass $y^2 = x^3 + ax + b$ |
| Param $a$ | 0xb0fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc |
| Param $b$ | 0x6c96 |
Characteristics
| Order | 0xb0ffffffffffffffffffffffffffffffffffffffffffffffba9b7f14ca7512537a4edcd38a7c41da29be4894b298eebb |
| Cofactor | 0x1 |
| $j$-invariant | 0x3d01bf71194313e5bc0b2ace28c9f389cdeb62b7c7d842fc45bcdea37f7324f26d5e42f81ebc4797eba9173cede2623e |
| Trace $t$ | 0x456480eb358aedac85b1232c7583be25d641b76b4d671145 |
Traits
| $\text{cofactor}()$ | |
|---|---|
| order | 0xb0ffffffffffffffffffffffffffffffffffffffffffffffba9b7f14ca7512537a4edcd38a7c41da29be4894b298eebb |
| cofactor | 0x1 |
| $\text{discriminant}()$ | |
| cm_disc | None |
| factorization | None |
| max_conductor | None |
| $\text{twist_order}(deg=1)$ | |
| twist_cardinality | 0xb10000000000000000000000000000000000000000000000456480eb358aedac85b1232c7583be25d641b76b4d671145 |
| factorization | None |
| $\text{twist_order}(deg=2)$ | |
| twist_cardinality | 0x7a60fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd4ecf54f3c38ac64ef4c9a196927c3be8aca41d2694a66e308239ef1b863703c758b6766c295b9ecb474a3f9068b03c9d |
| factorization | None |
| $\text{kn_factorization}(k=1)$ | |
| (+)factorization | ['0x2', '0x2', '0xb', '0x2f', '0x137', '0x1e7', '0x13265', '0xe15a354c049', '0x8ffb8c4d1effdf4900d15e0d1d91ec2b81abb3e0062464d457a9fd6ddf094dfa1f271ffd4f'] |
| (+)largest_factor_bitlen | 0x128 |
| (-)factorization | NO DATA (timed out) |
| (-)largest_factor_bitlen | NO DATA (timed out) |
| $\text{kn_factorization}(k=2)$ | |
| (+)factorization | NO DATA (timed out) |
| (+)largest_factor_bitlen | NO DATA (timed out) |
| (-)factorization | NO DATA (timed out) |
| (-)largest_factor_bitlen | NO DATA (timed out) |
| $\text{kn_factorization}(k=3)$ | |
| (+)factorization | NO DATA (timed out) |
| (+)largest_factor_bitlen | NO DATA (timed out) |
| (-)factorization | ['0x2', '0x2', '0x2', '0x2', '0x365fe8648f41', '0x9c3fd2d7e5a34708b1e78afc3623c10c80c5f1fdab4aad2f30ace58cb42f401b62cc6ab27b7a338e3f03'] |
| (-)largest_factor_bitlen | 0x150 |
| $\text{kn_factorization}(k=4)$ | |
| (+)factorization | ['0x5', '0x4b1f', '0x8f9c40739', '0x4550aec5b5f64fd', '0xa4d655f951ebc60cff', '0x1345eaadd25a28a359af921a7d8a48a1d53eab438b828fef2b45'] |
| (+)largest_factor_bitlen | 0xcd |
| (-)factorization | ['0x3', '0x3', '0xd', '0x13', '0x137c5a53', '0x155df12b', '0x2c0660819', '0xf55a82c8405', '0xb5131662b9b5b', '0x1ae044a86922670637338f6bf8e22fc0aeac7a30cbeca7fb'] |
| (-)largest_factor_bitlen | 0xbd |
| $\text{kn_factorization}(k=5)$ | |
| (+)factorization | ['0x2', '0x2', '0x2', '0x3', '0x3', '0x3', '0xef', '0x7f3d', '0x8d4719f251009a73ceddbc3bec1c1db53e4df3710257bf23a1827bb081074be8e71c38b8102af27a57db6cc15'] |
| (+)largest_factor_bitlen | 0x164 |
| (-)factorization | ['0x2', '0x7', '0x1639', '0x1b9d', '0xe4cd', '0x1d81c49cbf2cbc74ee3f1a49de0bbe6c9d4f170c320ef27c3c1e7c31295e0c39e9ef5105cc7a0fe42623e5'] |
| (-)largest_factor_bitlen | 0x155 |
| $\text{kn_factorization}(k=6)$ | |
| (+)factorization | ['0x3f5', '0x8c43c0bb75a8d', '0x1e9d4df6069b5b22854eb05735636aacdc35888425a256ddc904e7c4051a3611270f10f2a776f8c193'] |
| (+)largest_factor_bitlen | 0x145 |
| (-)factorization | ['0x5', '0x6d439ec79b', '0xc9589bcfc701aaf', '0x278b90b4738af46e296bf7140fe81af0747a9c8ad7c5b0a3423261947ff97799c3c44ad9'] |
| (-)largest_factor_bitlen | 0x11e |
| $\text{kn_factorization}(k=7)$ | |
| (+)factorization | ['0x2', '0x2b', '0x226859', '0x3d96bb', '0x128ca71', '0xd8dec0f6e9', '0x1c5a7ddb2dd8057d875a6763fe6d98db0dda6cf8ddb38f59b6867e5a7a323392c1627'] |
| (+)largest_factor_bitlen | 0x111 |
| (-)factorization | ['0x2', '0x2', '0x3', '0x673fffffffffffffffffffffffffffffffffffffffffffffd7855f76cb6ef55b5cae00d0bb732669edaeffac12d935ed'] |
| (-)largest_factor_bitlen | 0x17f |
| $\text{kn_factorization}(k=8)$ | |
| (+)factorization | NO DATA (timed out) |
| (+)largest_factor_bitlen | NO DATA (timed out) |
| (-)factorization | NO DATA (timed out) |
| (-)largest_factor_bitlen | NO DATA (timed out) |
| $\text{torsion_extension}(l=2)$ | |
| least | 0x3 |
| full | 0x3 |
| relative | 0x1 |
| $\text{torsion_extension}(l=3)$ | |
| least | 0x8 |
| full | 0x8 |
| relative | 0x1 |
| $\text{torsion_extension}(l=5)$ | |
| least | 0x6 |
| full | 0x6 |
| relative | 0x1 |
| $\text{torsion_extension}(l=7)$ | |
| least | 0x30 |
| full | 0x30 |
| relative | 0x1 |
| $\text{torsion_extension}(l=11)$ | |
| least | 0x78 |
| full | 0x78 |
| relative | 0x1 |
| $\text{torsion_extension}(l=13)$ | |
| least | 0xc |
| full | 0xd |
| relative | 0x1 |
| $\text{torsion_extension}(l=17)$ | |
| least | 0x120 |
| full | 0x120 |
| relative | 0x1 |
| $\text{conductor}(deg=2)$ | |
| ratio_sqrt | 0x456480eb358aedac85b1232c7583be25d641b76b4d671145 |
| factorization | ['0x13d93d72a7b', '0x37f0027debb9021c11ebd6e0f86166efeac73f'] |
| $\text{conductor}(deg=3)$ | |
| ratio_sqrt | 0x9e30ab0c3c7539b10b365e696d83c417535be2d96b5991cf7dc610e479c8fc38a7498993d6a46134b8b5c06f974fc366 |
| factorization | NO DATA (timed out) |
| $\text{conductor}(deg=4)$ | |
| ratio_sqrt | 0x5adbb5e96a6153a50cd8d7b5283b277bf4b383124faaa3ce60391b23ca7a145bf227386812875619bbb869853f365264c42836baec9f339f4f96c278391c2f7a25d60434131c5f39 |
| factorization | NO DATA (timed out) |
| $\text{embedding}()$ | |
| embedding_degree_complement | 0x1 |
| complement_bit_length | 0x1 |
| $\text{class_number}()$ | |
| upper | NO DATA (timed out) |
| lower | NO DATA (timed out) |
| $\text{small_prime_order}(l=2)$ | |
| order | None |
| complement_bit_length | None |
| $\text{small_prime_order}(l=3)$ | |
| order | None |
| complement_bit_length | None |
| $\text{small_prime_order}(l=5)$ | |
| order | None |
| complement_bit_length | None |
| $\text{small_prime_order}(l=7)$ | |
| order | None |
| complement_bit_length | None |
| $\text{small_prime_order}(l=11)$ | |
| order | None |
| complement_bit_length | None |
| $\text{small_prime_order}(l=13)$ | |
| order | None |
| complement_bit_length | None |
| $\text{division_polynomials}(l=2)$ | |
| factorization | [['0x3', '0x1']] |
| len | 0x1 |
| $\text{division_polynomials}(l=3)$ | |
| factorization | [['0x4', '0x1']] |
| len | 0x1 |
| $\text{division_polynomials}(l=5)$ | |
| factorization | [['0x3', '0x4']] |
| len | 0x1 |
| $\text{volcano}(l=2)$ | |
| crater_degree | 0x0 |
| depth | 0x0 |
| $\text{volcano}(l=3)$ | |
| crater_degree | 0x0 |
| depth | 0x0 |
| $\text{volcano}(l=5)$ | |
| crater_degree | 0x0 |
| depth | 0x0 |
| $\text{volcano}(l=7)$ | |
| crater_degree | 0x0 |
| depth | 0x0 |
| $\text{volcano}(l=11)$ | |
| crater_degree | 0x0 |
| depth | 0x0 |
| $\text{volcano}(l=13)$ | |
| crater_degree | 0x1 |
| depth | 0x0 |
| $\text{volcano}(l=17)$ | |
| crater_degree | 0x0 |
| depth | 0x0 |
| $\text{volcano}(l=19)$ | |
| crater_degree | 0x0 |
| depth | 0x0 |
| $\text{isogeny_extension}(l=2)$ | |
| least | 0x3 |
| full | 0x3 |
| relative | 0x1 |
| $\text{isogeny_extension}(l=3)$ | |
| least | 0x4 |
| full | 0x4 |
| relative | 0x1 |
| $\text{isogeny_extension}(l=5)$ | |
| least | 0x3 |
| full | 0x3 |
| relative | 0x1 |
| $\text{isogeny_extension}(l=7)$ | |
| least | 0x8 |
| full | 0x8 |
| relative | 0x1 |
| $\text{isogeny_extension}(l=11)$ | |
| least | 0xc |
| full | 0xc |
| relative | 0x1 |
| $\text{isogeny_extension}(l=13)$ | |
| least | 0x1 |
| full | 0xd |
| relative | 0xd |
| $\text{isogeny_extension}(l=17)$ | |
| least | 0x12 |
| full | 0x12 |
| relative | 0x1 |
| $\text{isogeny_extension}(l=19)$ | |
| least | 0x14 |
| full | 0x14 |
| relative | 0x1 |
| $\text{trace_factorization}(deg=1)$ | |
| trace | 0x456480eb358aedac85b1232c7583be25d641b76b4d671145 |
| trace_factorization | ['0x13d93d72a7b', '0x37f0027debb9021c11ebd6e0f86166efeac73f'] |
| number_of_factors | 0x2 |
| $\text{trace_factorization}(deg=2)$ | |
| trace | 0x456480eb358aedac85b1232c7583be25d641b76b4d671145 |
| trace_factorization | ['0x3', '0x3', '0xbbc560f14f7426cb', '0x3e891b8f5acb502f5', '0xcfdc676937d88ba1256822fb741841669a4246bff554aaae126d064a5f5421b'] |
| number_of_factors | 0x4 |
| $\text{isogeny_neighbors}(l=2)$ | |
| len | 0x0 |
| $\text{isogeny_neighbors}(l=3)$ | |
| len | 0x0 |
| $\text{isogeny_neighbors}(l=5)$ | |
| len | 0x0 |
| $\text{q_torsion}()$ | |
| Q_torsion | 0x1 |
| $\text{hamming_x}(weight=1)$ | |
| x_coord_count | 0xb9 |
| expected | 0xc0 |
| ratio | 1.03784 |
| $\text{hamming_x}(weight=2)$ | |
| x_coord_count | 0x8fd4 |
| expected | 0x8fa0 |
| ratio | 0.99859 |
| $\text{hamming_x}(weight=3)$ | |
| x_coord_count | 0x476ea8 |
| expected | 0x477040 |
| ratio | 1.00009 |
| $\text{square_4p1}()$ | |
| p | NO DATA (timed out) |
| order | 0x3 |
| $\text{pow_distance}()$ | |
| distance | 0x30ffffffffffffffffffffffffffffffffffffffffffffffba9b7f14ca7512537a4edcd38a7c41da29be4894b298eebb |
| ratio | 3.61224 |
| distance 32 | 0x5 |
| distance 64 | 0x5 |
| $\text{multiples_x}(k=1)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=2)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=3)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=4)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=5)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=6)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=7)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=8)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=9)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=10)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{x962_invariant}()$ | |
| r | 0x6a2e813b8f181eb2b7e60cd8a5219cfa83fa00b1271e019640b4b199a93cbdd97e521ad327a3a8311aa963de4d284ef2 |
| $\text{brainpool_overlap}()$ | |
| o | 0x7ffffffffffffffffffffffffffffffffffffffffffffffffffffffc |
| $\text{weierstrass}()$ | |
| a | 0xb0fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc |
| b | 0x6c96 |