Curve detail
Definition
| Name | w-512-mont |
|---|---|
| Category | nums |
| Description | Original nums curve from https://eprint.iacr.org/2014/130.pdf |
| Field | Prime (0xfe14ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff) |
| Field bits | 512 |
| Form | Weierstrass $y^2 = x^3 + ax + b$ |
| Param $a$ | 0xfe14fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc |
| Param $b$ | 0x185ed |
Characteristics
| Order | 0xfe14ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff638a8d792ee750298064aaf0b8498e61df3d3995064ed73b939628f17e98fdc9 |
| Cofactor | 0x1 |
| $j$-invariant | 0x933e68652c792de1b06fd603ed749716736c131dad92f7ec405100a1d547dd29af0d63806b170386a81ef1fcf76e63680bb1218d047f36a46c114890a763489e |
| Trace $t$ | 0x9c757286d118afd67f9b550f47b6719e20c2c66af9b128c46c69d70e81670237 |
Traits
| $\text{cofactor}()$ | |
|---|---|
| order | 0xfe14ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff638a8d792ee750298064aaf0b8498e61df3d3995064ed73b939628f17e98fdc9 |
| cofactor | 0x1 |
| $\text{discriminant}()$ | |
| cm_disc | None |
| factorization | None |
| max_conductor | None |
| $\text{twist_order}(deg=1)$ | |
| twist_cardinality | 0xfe150000000000000000000000000000000000000000000000000000000000009c757286d118afd67f9b550f47b6719e20c2c66af9b128c46c69d70e81670237 |
| factorization | None |
| $\text{twist_order}(deg=2)$ | |
| twist_cardinality | 0xfc2dadb8fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc674b5976314d9017b2d26357fb17134cfe3508899c2277d7e305bb191861c1d342b69504cd2b9a1c932aaabae6f77a0c790f8c28c03902c3a78399b23646e7d5 |
| factorization | None |
| $\text{kn_factorization}(k=1)$ | |
| (+)factorization | NO DATA (timed out) |
| (+)largest_factor_bitlen | NO DATA (timed out) |
| (-)factorization | NO DATA (timed out) |
| (-)largest_factor_bitlen | NO DATA (timed out) |
| $\text{kn_factorization}(k=2)$ | |
| (+)factorization | NO DATA (timed out) |
| (+)largest_factor_bitlen | NO DATA (timed out) |
| (-)factorization | ['0x3', '0x5', '0x11', '0xbf', '0x1a99e4bd', '0x5a5d83d5cc7041b', '0x48d1d137077cb6392131d18002b805993d2e0123ad4bf755c80145d191ef3f069b804baee40f844f6268aeaea5df35ecdd8f6bf'] |
| (-)largest_factor_bitlen | 0x19b |
| $\text{kn_factorization}(k=3)$ | |
| (+)factorization | ['0x2', '0x2', '0x5', '0x5', '0x7', '0xd3706b9', '0xfaf3baad4d', '0x1584d96391fde2190ee374285157f4deb68917a65ab45dc95d4640fa92a9afc61a1468147a5c4c622fe98f6bc5128b406ca501ca4b2925'] |
| (+)largest_factor_bitlen | 0x1b5 |
| (-)factorization | NO DATA (timed out) |
| (-)largest_factor_bitlen | NO DATA (timed out) |
| $\text{kn_factorization}(k=4)$ | |
| (+)factorization | NO DATA (timed out) |
| (+)largest_factor_bitlen | NO DATA (timed out) |
| (-)factorization | NO DATA (timed out) |
| (-)largest_factor_bitlen | NO DATA (timed out) |
| $\text{kn_factorization}(k=5)$ | |
| (+)factorization | ['0x2', '0x27b347ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe78da61aef5424867c0fbab59ccb7e3f4ae190ff48fc51a14f0f7665bbc7e7a77'] |
| (+)largest_factor_bitlen | 0x202 |
| (-)factorization | ['0x2', '0x2', '0x3', '0xd', '0x4f', '0x971', '0x111f01817df23a65', '0x29cb01470245e5c66b487b3558029eb681a5a9a1ebef16431285b2cbde948234deeac4282339cf2716a9fa230c4f748f144608518ed7'] |
| (-)largest_factor_bitlen | 0x1ae |
| $\text{kn_factorization}(k=6)$ | |
| (+)factorization | NO DATA (timed out) |
| (+)largest_factor_bitlen | NO DATA (timed out) |
| (-)factorization | NO DATA (timed out) |
| (-)largest_factor_bitlen | NO DATA (timed out) |
| $\text{kn_factorization}(k=7)$ | |
| (+)factorization | NO DATA (timed out) |
| (+)largest_factor_bitlen | NO DATA (timed out) |
| (-)factorization | ['0x2', '0x5', '0xb', '0x13', '0x17', '0x728f', '0x1da0d', '0x5cf4887', '0xc18745aa7', '0x29a43b88a54fe40e09ab04b67207cdd5c775606e2413aef4f1ee2e172b8c3db06adaa4d110b7543d72c153d574caaec7329bf7'] |
| (-)largest_factor_bitlen | 0x196 |
| $\text{kn_factorization}(k=8)$ | |
| (+)factorization | NO DATA (timed out) |
| (+)largest_factor_bitlen | NO DATA (timed out) |
| (-)factorization | ['0x3', '0x3', '0x59', '0x119', '0x3653', '0x8d29', '0x3efea0c2b49', '0x504aea8613add843d71f2fd192148d9c1a714b49eb659fa00bfaa14838d86b50589d2a6712b4b90ce1e7d589f2f1dc7843e4897af35'] |
| (-)largest_factor_bitlen | 0x1ab |
| $\text{torsion_extension}(l=2)$ | |
| least | 0x3 |
| full | 0x3 |
| relative | 0x1 |
| $\text{torsion_extension}(l=3)$ | |
| least | 0x4 |
| full | 0x4 |
| relative | 0x1 |
| $\text{torsion_extension}(l=5)$ | |
| least | 0xc |
| full | 0xc |
| relative | 0x1 |
| $\text{torsion_extension}(l=7)$ | |
| least | 0x4 |
| full | 0x4 |
| relative | 0x1 |
| $\text{torsion_extension}(l=11)$ | |
| least | 0x28 |
| full | 0x28 |
| relative | 0x1 |
| $\text{torsion_extension}(l=13)$ | |
| least | 0x54 |
| full | 0x54 |
| relative | 0x1 |
| $\text{torsion_extension}(l=17)$ | |
| least | 0x30 |
| full | 0x30 |
| relative | 0x1 |
| $\text{conductor}(deg=2)$ | |
| ratio_sqrt | 0x9c757286d118afd67f9b550f47b6719e20c2c66af9b128c46c69d70e81670237 |
| factorization | ['0x3', '0x7', '0x21d', '0xa34389', '0xa2b63bad7', '0x68d1df4146b', '0x153de4ce974c45071df6969a93a1c2f62a2b'] |
| $\text{conductor}(deg=3)$ | |
| ratio_sqrt | 0x9e75a689ceb26fe84d2d9ca804e8ecb301caf77663dd88281cfa44e6e79e3e2cbd496afb32d465e36cd55545190885f386f073d73fc6fd3c587c664dc9b9182e |
| factorization | NO DATA (timed out) |
| $\text{conductor}(deg=4)$ | |
| ratio_sqrt | 0xfc21c16916a1b83eeb7caa7f75d4780f1befda5679f672820000ae04bfcb6b56fc97df26d21310008d75487e697cf2f4b57d1abe8585c12a755a501f5e948fa2a08d10a217390b048d188c3c60e5291d159b9b687eee747fb95b2267300f8bab |
| factorization | NO DATA (timed out) |
| $\text{embedding}()$ | |
| embedding_degree_complement | 0x1 |
| complement_bit_length | 0x1 |
| $\text{class_number}()$ | |
| upper | NO DATA (timed out) |
| lower | NO DATA (timed out) |
| $\text{small_prime_order}(l=2)$ | |
| order | None |
| complement_bit_length | None |
| $\text{small_prime_order}(l=3)$ | |
| order | None |
| complement_bit_length | None |
| $\text{small_prime_order}(l=5)$ | |
| order | None |
| complement_bit_length | None |
| $\text{small_prime_order}(l=7)$ | |
| order | None |
| complement_bit_length | None |
| $\text{small_prime_order}(l=11)$ | |
| order | None |
| complement_bit_length | None |
| $\text{small_prime_order}(l=13)$ | |
| order | None |
| complement_bit_length | None |
| $\text{division_polynomials}(l=2)$ | |
| factorization | [['0x3', '0x1']] |
| len | 0x1 |
| $\text{division_polynomials}(l=3)$ | |
| factorization | [['0x2', '0x2']] |
| len | 0x1 |
| $\text{division_polynomials}(l=5)$ | |
| factorization | [['0x6', '0x2']] |
| len | 0x1 |
| $\text{volcano}(l=2)$ | |
| crater_degree | 0x0 |
| depth | 0x0 |
| $\text{volcano}(l=3)$ | |
| crater_degree | 0x0 |
| depth | 0x0 |
| $\text{volcano}(l=5)$ | |
| crater_degree | 0x0 |
| depth | 0x0 |
| $\text{volcano}(l=7)$ | |
| crater_degree | 0x0 |
| depth | 0x0 |
| $\text{volcano}(l=11)$ | |
| crater_degree | 0x0 |
| depth | 0x0 |
| $\text{volcano}(l=13)$ | |
| crater_degree | 0x0 |
| depth | 0x0 |
| $\text{volcano}(l=17)$ | |
| crater_degree | 0x0 |
| depth | 0x0 |
| $\text{volcano}(l=19)$ | |
| crater_degree | 0x0 |
| depth | 0x0 |
| $\text{isogeny_extension}(l=2)$ | |
| least | 0x3 |
| full | 0x3 |
| relative | 0x1 |
| $\text{isogeny_extension}(l=3)$ | |
| least | 0x2 |
| full | 0x2 |
| relative | 0x1 |
| $\text{isogeny_extension}(l=5)$ | |
| least | 0x3 |
| full | 0x3 |
| relative | 0x1 |
| $\text{isogeny_extension}(l=7)$ | |
| least | 0x2 |
| full | 0x2 |
| relative | 0x1 |
| $\text{isogeny_extension}(l=11)$ | |
| least | 0x4 |
| full | 0x4 |
| relative | 0x1 |
| $\text{isogeny_extension}(l=13)$ | |
| least | 0x7 |
| full | 0x7 |
| relative | 0x1 |
| $\text{isogeny_extension}(l=17)$ | |
| least | 0x3 |
| full | 0x3 |
| relative | 0x1 |
| $\text{isogeny_extension}(l=19)$ | |
| least | 0x14 |
| full | 0x14 |
| relative | 0x1 |
| $\text{trace_factorization}(deg=1)$ | |
| trace | 0x9c757286d118afd67f9b550f47b6719e20c2c66af9b128c46c69d70e81670237 |
| trace_factorization | ['0x3', '0x7', '0x21d', '0xa34389', '0xa2b63bad7', '0x68d1df4146b', '0x153de4ce974c45071df6969a93a1c2f62a2b'] |
| number_of_factors | 0x7 |
| $\text{trace_factorization}(deg=2)$ | |
| trace | 0x9c757286d118afd67f9b550f47b6719e20c2c66af9b128c46c69d70e81670237 |
| trace_factorization | NO DATA (timed out) |
| number_of_factors | NO DATA (timed out) |
| $\text{isogeny_neighbors}(l=2)$ | |
| len | 0x0 |
| $\text{isogeny_neighbors}(l=3)$ | |
| len | 0x0 |
| $\text{isogeny_neighbors}(l=5)$ | |
| len | 0x0 |
| $\text{q_torsion}()$ | |
| Q_torsion | 0x1 |
| $\text{hamming_x}(weight=1)$ | |
| x_coord_count | 0x110 |
| expected | 0x100 |
| ratio | 0.94118 |
| $\text{hamming_x}(weight=2)$ | |
| x_coord_count | 0xfed4 |
| expected | 0xff80 |
| ratio | 1.00264 |
| $\text{hamming_x}(weight=3)$ | |
| x_coord_count | 0xa9a4ef |
| expected | 0xa9ab00 |
| ratio | 1.00014 |
| $\text{square_4p1}()$ | |
| p | NO DATA (timed out) |
| order | NO DATA (timed out) |
| $\text{pow_distance}()$ | |
| distance | 0x1eb0000000000000000000000000000000000000000000000000000000000009c757286d118afd67f9b550f47b6719e20c2c66af9b128c46c69d70e81670237 |
| ratio | 132.47454 |
| distance 32 | 0x9 |
| distance 64 | 0x9 |
| $\text{multiples_x}(k=1)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=2)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=3)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=4)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=5)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=6)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=7)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=8)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=9)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{multiples_x}(k=10)$ | |
| Hx | None |
| bits | None |
| difference | None |
| ratio | None |
| $\text{x962_invariant}()$ | |
| r | 0x92a5118559de236ec520433c7414ec8aec6ab14e84446abfdbf114bc04b5b345571c7d0b1d5a1050a96f81daf33af96927799d3ddd5c05ccd5d9fc557415765d |
| $\text{brainpool_overlap}()$ | |
| o | 0x7ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc |
| $\text{weierstrass}()$ | |
| a | 0xfe14fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc |
| b | 0x185ed |