w-256-mont

256-bit prime field Weierstrass curve.

Curve from https://eprint.iacr.org/2014/130.pdf. No generator present.

y^2 \equiv x^3 + ax + b

Parameters

Name	Value
p0xffa7ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff	`0xffa7ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff`
a0xffa7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc	`0xffa7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc`
b0x14e6a	`0x14e6a`
n0xffa7fffffffffffffffffffffffffffffc517513e6e5074b9d10c5e1a79857eb	`0xffa7fffffffffffffffffffffffffffffc517513e6e5074b9d10c5e1a79857eb`
h0x01	`0x01`

Sources

Selecting Elliptic Curves for Cryptography: An Efficiency and Security Analysis

Characteristics

j-invariant:
85856581630626807860549708050291921260960698897850594880082766057775855794080
Trace of Frobenius:
4893961318881196714252176992726657045
Discriminant:
115636606695615697602567654828622531023877166082715509571142882659033219954175
Embedding degree:
57818303347807848801283827414311265511936136060698314187214315242603326221301
CM-discriminant:
-462522475925072085027879645099841527608786562102829859723871355201056468266563
Conductor:
1

SAGE

p = 0xffa7ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
K = GF(p)
a = K(0xffa7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc)
b = K(0x14e6a)
E = EllipticCurve(K, (a, b))
# No generator defined
E.set_order(0xffa7fffffffffffffffffffffffffffffc517513e6e5074b9d10c5e1a79857eb * 0x01)

p = 0xffa7ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
K = GF(p)
a = K(0xffa7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc)
b = K(0x14e6a)
E = EllipticCurve(K, (a, b))
# No generator defined
E.set_order(0xffa7fffffffffffffffffffffffffffffc517513e6e5074b9d10c5e1a79857eb * 0x01)

SAGE

PARI/GP

p = 0xffa7ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
a = Mod(0xffa7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc, p)
b = Mod(0x14e6a, p)
E = ellinit([a, b])
E[16][1] = 0xffa7fffffffffffffffffffffffffffffc517513e6e5074b9d10c5e1a79857eb * 0x01
\\ No generator defined

p = 0xffa7ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
a = Mod(0xffa7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc, p)
b = Mod(0x14e6a, p)
E = ellinit([a, b])
E[16][1] = 0xffa7fffffffffffffffffffffffffffffc517513e6e5074b9d10c5e1a79857eb * 0x01
\\ No generator defined

PARI/GP

JSON

{
  "name": "w-256-mont",
  "desc": "Curve from https://eprint.iacr.org/2014/130.pdf. No generator present.",
  "sources": [
    {
      "name": "Selecting Elliptic Curves for Cryptography: An Efficiency and Security Analysis",
      "url": "https://eprint.iacr.org/2014/130"
    }
  ],
  "form": "Weierstrass",
  "field": {
    "type": "Prime",
    "p": "0xffa7ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
    "bits": 256
  },
  "params": {
    "a": {
      "raw": "0xffa7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc"
    },
    "b": {
      "raw": "0x14e6a"
    }
  },
  "order": "0xffa7fffffffffffffffffffffffffffffc517513e6e5074b9d10c5e1a79857eb",
  "cofactor": "0x01",
  "characteristics": {
    "cm_disc": "-462522475925072085027879645099841527608786562102829859723871355201056468266563",
    "conductor": "1",
    "discriminant": "115636606695615697602567654828622531023877166082715509571142882659033219954175",
    "j_invariant": "85856581630626807860549708050291921260960698897850594880082766057775855794080",
    "embedding_degree": "57818303347807848801283827414311265511936136060698314187214315242603326221301",
    "trace_of_frobenius": "4893961318881196714252176992726657045"
  }
}

{
  "name": "w-256-mont",
  "desc": "Curve from https://eprint.iacr.org/2014/130.pdf. No generator present.",
  "sources": [
    {
      "name": "Selecting Elliptic Curves for Cryptography: An Efficiency and Security Analysis",
      "url": "https://eprint.iacr.org/2014/130"
    }
  ],
  "form": "Weierstrass",
  "field": {
    "type": "Prime",
    "p": "0xffa7ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
    "bits": 256
  },
  "params": {
    "a": {
      "raw": "0xffa7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc"
    },
    "b": {
      "raw": "0x14e6a"
    }
  },
  "order": "0xffa7fffffffffffffffffffffffffffffc517513e6e5074b9d10c5e1a79857eb",
  "cofactor": "0x01",
  "characteristics": {
    "cm_disc": "-462522475925072085027879645099841527608786562102829859723871355201056468266563",
    "conductor": "1",
    "discriminant": "115636606695615697602567654828622531023877166082715509571142882659033219954175",
    "j_invariant": "85856581630626807860549708050291921260960698897850594880082766057775855794080",
    "embedding_degree": "57818303347807848801283827414311265511936136060698314187214315242603326221301",
    "trace_of_frobenius": "4893961318881196714252176992726657045"
  }
}

JSON