-
-
[原创]magma,/PARI/GP中文文档ECC初步:
-
发表于: 2011-2-9 20:36
-
先亮亮我的EC工具箱,最好都下载了(有MAlab和MATHMATICA,QEMU/WINDOWS 2003 ISO)-------怕快到期了
http://uploading.com/files/manager/0/
======================
GOOGLE.COM magma,/PARI/GP好像还没中文文档,SAGE有,但elliptic curve方面没译。
都是统代数系,但比MAPLE和MATHMATICA强在专,对学ECC来说,elliptic curve in 在无限域的Q/R/C/p进数,有限域的ZP都有函数实现,PARI/GP有些代码是汇编语言写的,其它大都能看C代码,GUN嘛
PARI/GP 作者Henri Cohen,就不多讲了,和FREY共著Handbook of Elliptic and Hyperelliptic Curve Cryptography,我国ECC书抄这书的一点点,就能买钱,FREY曲线和怀尔斯,都听过地
MAGMA 岩浆?还有个同名的,不要混了,在线http://magma.maths.usyd.edu.au/calc/ 没绘图功能PLOT之类的,可以肯定比单独下个收费的功能少,不过对ECC初学者从C库MSDN那是方便多了,搜了N天,有人放这了,快下载收好了,http://sourceforge.net/projects/maxima/files/Maxima-Windows/5.23.2-Windows/maxima-5.23.2.exe/download
SPRINGER出了岩浆书Discovering Mathematics with Magma,GOOGLE.COM下就能下
SAGEMATH.ORG在线,能绘图,是个数学工具大集合,常见统代数系的大都综合到这了,注册后页面能看到,十几种吧,可以只选用其中一种,国人很多,因为常见汉字,文档众多,数学家+程序员,天下无敌,基于Python语言,珍珠红宝石巨蟒,这里是巨蟒密林
下面是关于几个数论和ECC和绘图的函数用法,水瓶晃荡。。。。
PARI/GP下好安装后,有个GP.EXE,双击
(13:23) gp > ?
Help topics: for a list of relevant subtopics, type ?n for n in
0: user-defined identifiers (variable, alias, function)
1: Standard monadic or dyadic OPERATORS
2: CONVERSIONS and similar elementary functions
3: TRANSCENDENTAL functions
4: NUMBER THEORETICAL functions
5: Functions related to ELLIPTIC CURVES 6: Functions related to general NUMBER FIELDS
7: POLYNOMIALS and power series
8: Vectors, matrices, LINEAR ALGEBRA and sets
9: SUMS, products, integrals and similar functions
10: GRAPHIC functions
11: PROGRAMMING under GP
12: The PARI community
第四项是数论的
(14:12) gp > ?4
addprimes bestappr bezout bezoutres bigomega
binomial chinese content contfrac contfracpnqn
core coredisc dirdiv direuler dirmul
divisors eulerphi factor factorback factorcantor
factorff factorial factorint factormod ffinit
fibonacci gcd hilbert isfundamental ispower
isprime ispseudoprime issquare issquarefree kronecker
lcm moebius nextprime numbpart numdiv
omega precprime prime primepi primes
qfbclassno qfbcompraw qfbhclassno qfbnucomp qfbnupow
qfbpowraw qfbprimeform qfbred qfbsolve quadclassunit
quaddisc quadgen quadhilbert quadpoly quadray
quadregulator quadunit removeprimes sigma sqrtint
zncoppersmith znlog znorder znprimroot znstar
看名字就差不离多少,不行就?
(14:15) gp > ?bezout
bezout(x,y): gives a 3-dimensional row vector [u,v,d] such that d=gcd(x,y) and
u*x+v*y=d.
(14:25) gp > bezout(12345,54321)
%14 = [3617, -822, 3]
x= 12345 = 3 × 5 × 823
y= 54321 = 3 × 19 × 953
最大公因式(x,y) = 3 = 3
最小公倍数(x,y) = 223530915 = 3 × 5 × 19 × 823 × 953
Bezout 关系: 3617x + (-822) y = 3
以 y为除数的 x的辗转相除的过程序列:
被除数 商 除数 余数
12345 = 0 × 54321 + 12345
54321 = 4 × 12345 + 4941
12345 = 2 × 4941 + 2463
4941 = 2 × 2463 + 15
2463 = 164 × 15 + 3
15 = 5 × 3 + 0
多项式的:连商带余都给了
(14:33) gp > ?bezoutres
bezoutres(x,y): gives a 3-dimensional row vector [u,v,d] such that
d=resultant(x,y) and u*x+v*y=d, where x and y are polynomials.
(14:35) gp > x=p^4+p^3+3
%1 = p^4 + p^3 + 3
(14:36) gp > y=p+1
%2 = p + 1
(14:36) gp > bezoutres(x,y)
%3 = [1, -p^3, 3]
孙子:
(16:10) gp > chinese(Mod(18,115),Mod(21,71))
%13 = Mod(7263, 8165)
求X^NMOD(P)
(16:13) gp > Mod(217,389)^50200
%15 = Mod(36, 389)
第五项ELLIPTIC curve的,无限的Q/R/C/p进数域,有限域的ZP都可以
(14:08) gp > ?5
elladd ellak ellan ellap
ellbil ellchangecurve ellchangepoint ellconvertname
elleisnum elleta ellgenerators ellglobalred
ellheight ellheightmatrix ellidentify ellinit
ellisoncurve ellj elllocalred elllseries
ellminimalmodel ellorder ellordinate ellpointtoz
ellpow ellrootno ellsearch ellsigma
ellsub elltaniyama elltors ellwp
ellzeta ellztopoint
EC初始化用ellinit:(14:41) gp > ? ellinit
ellinit(x,{flag=0}): x being the vector [a1,a2,a3,a4,a6] defining the curve
Y^2 + a1.XY + a3.Y = X^3 + a2.X^2 + a4.X + a6, gives the vector:
[a1,a2,a3,a4,a6,b2,b4,b6,b8,c4,c6,disc,j,[e1,e2,e3],,eta1,etw1,w2a2,area]. If
the curve is defined over a p-adic field, the last six components are replaced
by root,u^2,u,q,w,0. If optional flag is 1, omit them altogether. x can also
be a string, in this case the coefficients of the curve with matching name are
looked in the elldata database if available.
21个参数,前五个
a1,a2,a3,a4,a6,这六项就是正规表式的EC曲线Y^2 + a1.XY + a3.Y = X^3 + a2.X^2 + a4.X + a6系数,
b2,b4,b6,b8,c4,c6,disc,j这七项和EC曲线变换有关,和曲线划分有关,奇异非奇异等等,在R域上图像就是有没尖点---光滑
[e1,e2,e3],,eta1,etw1,w2a2,area这七项应该和C域有关,C域上EC曲线是个轮胎,正在学这个轮胎
flag=1,X还可以是字符串
找条曲线试试,E.tate,E.w这两看来是在P进数域才能用的
Y^2 + a1.XY + a3.Y = X^3 + a2.X^2 + a4.X + a6都可变成Y^2=x^3+ax+b形式
Y^2=X^3+7X+8
(15:20) gp > E=ellinit([0,0,0,7,8]);
(15:20) gp > E.a1
%9 = 0
(15:20) gp > E.a2
%10 = 0
(15:20) gp > E.a3
%11 = 0
(15:20) gp > E.a4
%12 = 7
(15:20) gp > E.a6
%13 = 8
(15:20) gp > E.b2
%14 = 0
(15:21) gp > E.b4
%15 = 14
(15:21) gp > E.b6
%16 = 32
(15:21) gp > E.b6
%17 = 32
(15:21) gp > E.c4
%18 = -336
(15:21) gp > E.c6
%19 = -6912
(15:21) gp > E.disc
%20 = -49600
(15:26) gp > E.roots
%21 = [-1.000000000000000000000000000, 0.5000000000000000000000000000 - 2.783
181415010961059735649*I, 0.5000000000000000000000000000 + 2.78388218141501096
9735649*I]~
(15:31) gp > E.omega[1]
%22 = 2.400226835016717000625368437
(15:32) gp > E.area
%23 = 2.284807014575569154497352277
(15:33) gp > E.tate
*** curve not defined over a p-adic field.
(15:33) gp > E.w
*** curve not defined over a p-adic field.
(15:34) gp > E.eta1
这两个是以前版本的命令:
(15:37) gp > initell([0,0,0,7,8]);
*** obsolete function: initell([0,0,0,7,8])
^--------------------
For full compatibility with GP 1.39.15, type "default(compatible,3)", or set
"compatible = 3" in your GPRC file.
New syntax: initell(x) ===> ellinit(x)
(15:37) gp > smallinitell([0,0,0,7,8]);
*** obsolete function: smallinitell([0,0,0,
^--------------------
For full compatibility with GP 1.39.15, type "default(compatible,3)", or set
"compatible = 3" in your GPRC file.
New syntax: smallinitell(x) ===> ellinit(x,1)
求个切线自加点,
z1=[4,10];
z2=[4,10];
elladd(E,z1,z2)
12 = [-7/16, 141/64]
(16:42) gp > ?ellisoncurve
ellisoncurve(e,x): true(1) if x is on elliptic curve e, false(0) if not.
16:42) gp > ellisoncurve(E,[-7/16, 141/64])
13 = 1
求挠点,y^2=x^3+7*x+8,表明从[1, 0]可生成所有有理点,两个一组,这曲线不好。。。
(16:23) gp > elltors(E)%2 = [2, [2], [[-1, 0]]]
上面是在R域,现在P域求MOD31:y还都可以为负的
(16:20) gp > for(x=0,30, for(y=0,30, if((y^2-(x^3+7*x+8))%31==0, print1([x,y],>
[0, 15] [0, 16] [1, 4] [1, 27] [3, 5] [3, 26] [4, 10] [4, 21] [6, 7] [6
, 24] [7, 11] [7, 20] [8, 7] [8, 24] [9, 5] [9, 26] [13, 8] [13, 23] [1
5, 4] [15, 27] [16, 0] [17, 7] [17, 24] [18, 13] [18, 18] [19, 5] [19, 2
6] [24, 9] [24, 22] [27, 3] [27, 28] [30, 0]
(17:00) gp > for(x=0,30, for(y=-30,30, if((y^2-(x^3+7*x+8))%31==0, print1([x,y>
[0, -16] [0, -15] [0, 15] [0, 16] [1, -27] [1, -4] [1, 4] [1, 27] [3, -26] [3
, -5] [3, 5] [3, 26] [4, -21] [4, -10] [4, 10] [4, 21] [6, -24] [6, -7] [6, 7
] [6, 24] [7, -20] [7, -11] [7, 11] [7, 20] [8, -24] [8, -7] [8, 7] [8, 24]
[9, -26] [9, -5] [9, 5] [9, 26] [13, -23] [13, -8] [13, 8] [13, 23] [15, -27]
[15, -4] [15, 4] [15, 27] [16, 0] [17, -24] [17, -7] [17, 7] [17, 24] [18, -1
8] [18, -13] [18, 13] [18, 18] [19, -26] [19, -5] [19, 5] [19, 26] [24, -22]
[24, -9] [24, 9] [24, 22] [27, -28] [27, -3] [27, 3] [27, 28] [30, 0]
MOD41
(16:32) gp > for(x=0,41, for(y=0,41, if((y^2-(x^3+7*x+8))%41==0, print1([x,y],>
[0, 7] [0, 34] [1, 4] [1, 37] [4, 10] [4, 31] [5, 2] [5, 39] [6, 15] [6
, 26] [7, 20] [7, 21] [8, 17] [8, 24] [9, 12] [9, 29] [12, 4] [12, 37]
[13, 0] [13, 41] [14, 12] [14, 29] [18, 12] [18, 29] [23, 6] [23, 35] [2
5, 8] [25, 33] [27, 6] [27, 35] [28, 4] [28, 37] [29, 0] [29, 41] [31, 2
] [31, 39] [32, 6] [32, 35] [35, 18] [35, 23] [37, 11] [37, 30] [38, 1]
[38, 40] [40, 0] [40, 41] [41, 7] [41, 34]
?elltaniyama(E)
elltaniyama(e): modular parametrization of elliptic curve e.
(15:50) gp > elltaniyama(E)
%28 = [x^-2 - x^2 + 2*x^6 + 4*x^8 + 5*x^10 + O(x^15), -x^-3 - 2*x - 4*x^3 + x^5
+ 2*x^7 - 2*x^9 - 10*x^11 - 15*x^13 + O(x^14)]
谷山丰的模型式 ------ 谷山丰志村五郎都知道
ellan、ellap 求MODP的偏移,试了5和17,可验证HEESE定理,mod5是条超奇异,不符HEESE
E = ellinit([0,0,0,7,8]);
ellap(E,5)
%86 = -1
E1 = ellinit([0,0,0,7,8]*Mod(1,5))
for(x=0,4, for(y=0,4, if(ellisoncurve(E1,[x,y]),print([x,y]))))
[1, 4]
ellap(E,17)
(16:31) gp > for(x=0,16, for(y=0,16, if(ellisoncurve(E2,[x,y]),print([x,y]))))
[0, 5]
[0, 12]
[1, 4]
[1, 13]
[2, 8]
[2, 9]
[4, 7]
[4, 10]
[5, 7]
[5, 10]
[7, 3]
[7, 14]
[8, 7]
[8, 10]
[9, 1]
[9, 16]
[12, 1]
[12, 16]
[13, 1]
[13, 16]
[16, 0]
gp > 5+1-2
4
17+1-22
-4
) gp > ellan(E,18)
[1, 0, 0, 0, -1, 0, -4, 0, -3, 0, -2, 0, -6, 0, 0, 0, -4, 0]
ellpow可以找出循环群的生成元点,试了几个,[6, 9]不是,[7, 17]是
[1, 4] [1, 33] [2, 17] [2, 20] [4, 10] [4, 27] [6, 9] [6, 28] [7, 17] [7, 20]
[8, 13] [8, 24] [11, 11] [11, 26] [12, 9] [12, 28] [14, 1] [14, 36] [15, 11]
[15, 26] [18, 3] [18, 34] [19, 9] [19, 28] [25, 3] [25, 34] [27, 14] [27, 23
] [28, 17] [28, 20] [31, 3] [31, 34] [32, 12] [32, 25] [33, 8] [33, 29] [34,
(17:40) gp > for(n=1,37,print(n,"*[6,9] = ",lift(ellpow(e,x,n))))
(17:41) gp > x=[7, 17];
(17:41) gp > for(n=1,37,print(n,"*[7, 17]= ",lift(ellpow(e,x,n))))
1*[7, 17]= [7, 17]
2*[7, 17]= [27, 23]
3*[7, 17]= [19, 9]
4*[7, 17]= [32, 12]
5*[7, 17]= [1, 4]
6*[7, 17]= [8, 24]
7*[7, 17]= [34, 16]
8*[7, 17]= [6, 9]
9*[7, 17]= [14, 1]
10*[7, 17]= [25, 3]
11*[7, 17]= [12, 28]
12*[7, 17]= [11, 26]
13*[7, 17]= [31, 3]
14*[7, 17]= [33, 29]
15*[7, 17]= [4, 10]
16*[7, 17]= [15, 26]
17*[7, 17]= [18, 3]
18*[7, 17]= [2, 17]
19*[7, 17]= [28, 20]
20*[7, 17]= [36, 0]
21*[7, 17]= [28, 17]
22*[7, 17]= [2, 20]
23*[7, 17]= [18, 34]
24*[7, 17]= [15, 11]
25*[7, 17]= [4, 27]
26*[7, 17]= [33, 8]
27*[7, 17]= [31, 34]
28*[7, 17]= [11, 11]
29*[7, 17]= [12, 9]
30*[7, 17]= [25, 34]
31*[7, 17]= [14, 36]
32*[7, 17]= [6, 28]
33*[7, 17]= [34, 21]
34*[7, 17]= [8, 13]
35*[7, 17]= [1, 33]
36*[7, 17]= [32, 25]
37*[7, 17]= [19, 28]
ellorder PARI/GP不能用,但MAXMA 里很好用的
PARI/GP绘图:能感到黑白年代的图像分辨率。。。。。
PARI/GP里对环和理想,类群都很强,不光是多项式环 阿廷环 诺特环 。。。。 可试试?6,水平有限,只提提有关ECC-2m多项式,没MAXMA对ECC-2m多项式直接,MAXMA有ECC-2m初始化函数的
PARI/GP可下个包,是EC关于神秘的RANK问题的,RANK能懂代数数论代数几何就入门了.....我还在找路,没发现门.......
Elliptic Curve Data
http://www.warwick.ac.uk/staff/J.E.Cremona//ftp/data/
MAXMA
代数方面强捍,可看看下面,集合论同伦李群同调都有函数。。。。,也有拓朴方面的,不开源不过上面我贴了magma的DOWNLOAD地址,有心人可用IDA看看函数参数。。。。PARI/GP是ANSI C,magma应该是UNICODE
维护人多,超过PARI/GP,收钱,不过有个在线magma
http://magma.maths.usyd.edu.au/magma/handbook/
关于ECC方面下面文档,很详细
RATIONAL CURVES AND CONICS
ELLIPTIC CURVES
ELLIPTIC CURVES OVER FINITE FIELDS
ELLIPTIC CURVES OVER FUNCTION FIELDS
MODELS OF GENUS ONE CURVES
HYPERELLIPTIC CURVES
L-FUNCTIONS
RATIONAL CURVES AND CONICS --------有理圆锥曲线,2次的椭双抛,之间的同
态同构自同构,中学生就懂
ELLIPTIC CURVES OVER FINITE FIELDS ,HYPERELLIPTIC CURVES 有限域椭圆曲线,ECC就建在他上
FUNCTION FIELDS 函数域椭圆曲线,可能泛函学过之后才行
ODELS OF GENUS ONE CURVES 亏格一曲线的模式
L-FUNCTIONS L 函数,很多方面都爱往 L 函数上凑。。。。。。
初始化用EllipticCurve,超椭圆,非超奇异,超奇异都用他
EllipticCurve(C) : Sch -> CrvEll, MapSch
SetVerbose("EllModel", n): Maximum: 3Given a scheme C describing a curve of genus 1 with an easily recognised rational point, the function returns an elliptic curve E, together with a birational map from C to E. If there is no "obvious" rational point then this routine will fail. C must belong to one of the following classes:
(i)Hyperelliptic curves of genus 1 of the form C: y2 + h(x)y=f(x) with f of degree 3 or 4 and h of degree at most 1. If the function x on C has a rational branch point then that point is sent to the origin on E. Otherwise, if C has a rational point at x=∞ then that point is used.
(ii)Nonsingular plane curves of degree 3. If the curve is already in general Weierstrass form up to a permutation of the variables, then this is recognised and used as a model for the elliptic curve. Otherwise the base field of the curve must have characteristic different from 2 and 3; in this case, the curve is tested for having a rational flex. If it has, then a linear transformation suffices to get the curve into general Weierstrass form, and this is used.
(iii)Singular plane curves of degree 4 over a base field of characteristic different from 2 with a unique cusp, with the tangent cone meeting the curve only at that point. Up to linear transformation, these are curves of type y2=f(x), with f of degree 4. Such curves are brought into the standard form above. If either a rational point exists with x=0 or the curve intersects the line at infinity in a rational point, then that point is used to put the curve in general Weierstrass formEllipticCurve([a1, a2, a3, a4, a6]) :
三种方式都可以
E:=EllipticCurve([7, 8]);
E;
jInvariant(E);
先定义环
Qx<x> := PolynomialRing(Rationals());
EllipticCurve(x^3 + 7*x+8);
先定J不变量
E1:=EllipticCurveWithjInvariant(592704/(775));
E1;
Elliptic Curve defined by y^2 = x^3 + 7*x + 8 over Rational Field
592704/775
Elliptic Curve defined by y^2 = x^3 + 7*x + 8 over Rational Field
复域:
Qx<x> := PolynomialRing(ComplexField());
EllipticCurve(x^3 + 7*x+8);
Elliptic Curve defined by y^2 = x^3 + 7.00000000000000000000000000000*x +
8.00000000000000000000000000000 over Complex field of precision 30
不变量。。。。??
参数对应,还能省略,自动认超奇异
E:=EllipticCurve([0,0,0,7, 8]);
E;
E1:=EllipticCurve([7, 8]);
E1;
E2 := EllipticCurve([GF(17) | 7, 8]);
E2;
E3 := EllipticCurve([GF(19) | 7, 8]);
E3;
E4 := EllipticCurve([GF(31) | 7, 8]);
E4;
Elliptic Curve defined by y^2 = x^3 + 7*x + 8 over Rational Field
Elliptic Curve defined by y^2 = x^3 + 7*x + 8 over Rational Field
Elliptic Curve defined by y^2 = x^3 + 7*x + 8 over GF(17)
Elliptic Curve defined by y^2 = x^3 + 7*x + 8 over GF(19)
>> E4 := EllipticCurve([GF(31) | 7, 8]);
^
Runtime error in 'EllipticCurve': Curve is singular
>> E4;
^
User error: Identifier 'E4' has not been declared or assigned
化系数为整
E5 := EllipticCurve([1/12, 1/22, 1, 1/13, 41]);
IE := IntegralModel(E5);
IE;
Elliptic Curve defined by y^2 + 1/12*x*y + y = x^3 + 1/22*x^2 + 1/13*x + 41 over
Rational Field
Elliptic Curve defined by y^2 + 143*x*y + 5053029696*y = x^3 + 133848*x^2 +
666999919872*x + 1046857473454971949056 over Rational Field
最小
> ME := MinimalModel(IE);
> ME;
Elliptic Curve defined by y^2 + x*y = x^3 + 1021854892776*x +
1053193319031442674240 over Rational Field
常规式,就最常见的了
WeierstrassModel(E2);
Elliptic Curve defined by y^2 = x^3 + 7*x + 8 over GF(17)
同构吗:
IsIsomorphic(E, E1);true
生成2次扭曲线
QuadraticTwist(E3, 10);
QuadraticTwist(E2, 5);
S1 := QuadraticTwists(E3);
S2 := QuadraticTwists(E2);
S1;
S2;
[ IsIsomorphic(E3,E) : E in S1 ];
[ IsIsomorphic(E2,E) : E in S2 ];
Elliptic Curve defined by y^2 = x^3 + 16*x + 1 over GF(19)
Elliptic Curve defined by y^2 = x^3 + 5*x + 14 over GF(17)
[
Elliptic Curve defined by y^2 = x^3 + 7*x + 8 over GF(19),
Elliptic Curve defined by y^2 = x^3 + 7*x + 11 over GF(19)
]
[
Elliptic Curve defined by y^2 = x^3 + 7*x + 8 over GF(17),
Elliptic Curve defined by y^2 = x^3 + 12*x + 5 over GF(17)
]
[ true, false ]
[ true, false ]
j不变量,扭曲线
jInvariant(E3);
jInvariant(E2);
T3 := Twists(E3);
> T3;
T2 := Twists(E2);
> T2;
判别式和各种不变量
公式,初中就明白部分
b_2 = a_1^2 + 4*a_2
b_4 = a_1*a_3 + 2*a_4
b_6 = a_3^2 + 4*a_6
b_8 = a_1^2*a_6 + 4*a_2*a_6 - a_1*a_3*a_4 + a_2*a_3^2 - a_4^2.
_4 = b_2^2 - 24*b_4
c_6 = -b_2^3 + 36*b_2*b_4 - 216*b_6.
d = -b_2^2*b_8 - 8*b_4^3 - 27*b_6^2 + 9*b_2*b_4*b_6
求整点和挠点系,助予理解Mordell-Weil定理
Qx<x> := PolynomialRing(Rationals());
EllipticCurve(x^3 + 7*x+8);
Q, reps := IntegralPoints(E);
Q;
reps;
[ (-1 : 0 : 1), (1 : 4 : 1), (4 : -10 : 1), (7 : 20 : 1), (8 : -24 : 1), (89 :
-840 : 1), (1921 : 84196 : 1) ]
[ <(-1 : 0 : 1), 1>, <(1 : 4 : 1), 1>, <(4 : -10 : 1), 1>, <(7 : 20 : 1), 1>,
<(8 : -24 : 1), 1>, <(89 : -840 : 1), 1>, <(1921 : 84196 : 1), 1> ]
非超奇异,超奇异判断
E3 := EllipticCurve([GF(17) | 7, 8]);
E3;
IsSupersingular(E3)
IsProbablySupersingular(E3)
ordinary(E3)
Elliptic Curve defined by y^2 = x^3 + 7*x + 8 over GF(17)
false
false
true
好像特征P的超奇异多项式表达式有关?
SupersingularPolynomial(p)
SupersingularPolynomial(31)
$.1^3 + 2*$.1^2 + 22*$.1 + 2
生成CHAR2/3的ECC及时间:
K := FiniteField(2,192); // finite field of size 2^160
> E := EllipticCurve([K!1,0,0,0,K.1]);
E;
> time #E;
K := FiniteField(3,260); // finite field of size 2^160
E3 := EllipticCurve([K!1,0,0,0,K.1]);
E3;
time #E3;
Elliptic Curve defined by y^2 + x*y = x^3 + K.1 over GF(2^192)
6277101735386680763835789423275520405152076905076979576832
Time: 0.100
Elliptic Curve defined by y^2 + x*y = x^3 + K.1 over GF(3^260)
1125968464254872335396012272996256555225172691549086017731999074686018775958907\
0448135666259186955978522508673000384073458387
Time: 1.800
找点阶CODE,想找何种曲线方便多多
p := NextPrime(2^15);
p;
K := GF(p);
for k in [1..p] do
E := EllipticCurve([K | k, 31]);
n := SEA(E : MaxSmooth := 1);
if IsPrime(n) and n eq NextPrime(2^15) then
printf "Found curve of prime order %o for k = %o\n", n, k;
break;
end if;
end for;
E;
验证扭曲线阶之和,2进制域还不行?。。。
P:=NextPrime(10000000000000000000000000000);
P;
E3 := EllipticCurve([GF(P) | 7, 8]);
E3;
E4:=Twists(E3);
E4;
E5 := EllipticCurve([GF(P) | 4651483222866113843238986811, 4220774469207810384173128581]);
IsSupersingular(E3);
IsSupersingular(E5);
O3:=Order(E3);
O5:=Order(E5);
O3+O5;
2*P+2;
Qx<x> := PolynomialRing(Rationals());
K := FiniteField(13,12);
E2 := EllipticCurve([K | 7, 8]);
E2;
O2:=Order(E2);
Twists(E2);
E1 := EllipticCurve(x^3 + (3*K.1^11 + K.1^10 + 11*K.1^9 +
3*K.1^8 + 3*K.1^6 + 7*K.1^5 + 8*K.1^4 + 6*K.1^3 + 3*K.1^2 + 5*K.1 + 7)*x
+ (12*K.1^11 + 8*K.1^10 + 5*K.1^9 + 9*K.1^8 + 7*K.1^6 + 11*K.1^4 + 7*K.1^3 +
K.1^2 + 12*K.1 + 4))
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
|
|
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
 在路上都还在路上 |
|
|
|
|
|
就在这页面上。。。
又进步了,再贴点 Tate Pairing在ECC中ADWARDS式中的视屏:http://www.youtube.com/watch?v=nideQo-K9ME ADWARDS式中两点加如下图,还有沙盘演试:     |
|
|
像个小桌,面是四角海星,Z轴方向上都是抛物线
  |
|
|
|
|
|
|
|
|
|
|
|
|
