Tom-521
521-bit prime field Weierstrass curve.Tom-521 curve from https://eprint.iacr.org/2021/1183.pdf
Parameters
Characteristics
- j-invariant:
482529792883044310381432738387810625973078366292242962568956589104155231443755832772934786096417507926471853972969222895968837733475850875577301467133664272 - Trace of Frobenius:
5133182737093516966116292369105062158447915857038956549678982449484591328997963 - Discriminant:
1991109211791184129566756845238735752114572928978384575053636733088398919379083870089176650703950781274147959163206701237649193373256789970473572867968393144 - Embedding degree:
2288265886710203238327300266360464405756478433381101803131487819728514394465885350707519880220484851659098770463826952679040662666572214604191342763705019050 - CM-discriminant:
-28243 - Conductor:
6268055400574841440667156810254912726834973227558374885183820779126439865891
SAGE
p = 0x200000000000000000000000000000000000000000000000000000000000000002c54be78524c33584f734a266748b2063accf5028e6778dc5056476d0690853249K = GF(p)a = K(0xef6432c21701cc48c63fb9263e14ba76d4a94ba14d173b134e3032b0e2e543180eb6725125992a7d00162a5f57d21918b0766364eeb53c53bb12f405dac1d527e2)b = K(0x3cbc65d1e0245d79703b18e9aaea1ac6d67f87a2cd4bd84b9e6df6a45a979c481825ca5a857270fc890352f9fac7fd6020deaabb28d099718f0f77a4eec222871d)E = EllipticCurve(K, (a, b))# No generator definedE.set_order(0x01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff * 0x01)
PARI/GP
p = 0x200000000000000000000000000000000000000000000000000000000000000002c54be78524c33584f734a266748b2063accf5028e6778dc5056476d0690853249a = Mod(0xef6432c21701cc48c63fb9263e14ba76d4a94ba14d173b134e3032b0e2e543180eb6725125992a7d00162a5f57d21918b0766364eeb53c53bb12f405dac1d527e2, p)b = Mod(0x3cbc65d1e0245d79703b18e9aaea1ac6d67f87a2cd4bd84b9e6df6a45a979c481825ca5a857270fc890352f9fac7fd6020deaabb28d099718f0f77a4eec222871d, p)E = ellinit([a, b])E[16][1] = 0x01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff * 0x01\\ No generator defined
JSON
{"name": "Tom-521","desc": "Tom-521 curve from https://eprint.iacr.org/2021/1183.pdf","sources": [{"name": "ZKAttest: Ring and Group Signatures for existing ECDSA keys","url": "https://eprint.iacr.org/2021/1183"}],"form": "Weierstrass","field": {"type": "Prime","p": "0x200000000000000000000000000000000000000000000000000000000000000002c54be78524c33584f734a266748b2063accf5028e6778dc5056476d0690853249","bits": 521},"params": {"a": {"raw": "0xef6432c21701cc48c63fb9263e14ba76d4a94ba14d173b134e3032b0e2e543180eb6725125992a7d00162a5f57d21918b0766364eeb53c53bb12f405dac1d527e2"},"b": {"raw": "0x3cbc65d1e0245d79703b18e9aaea1ac6d67f87a2cd4bd84b9e6df6a45a979c481825ca5a857270fc890352f9fac7fd6020deaabb28d099718f0f77a4eec222871d"}},"order": "0x01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff","cofactor": "0x01","characteristics": {"cm_disc": "-28243","conductor": "6268055400574841440667156810254912726834973227558374885183820779126439865891","discriminant": "1991109211791184129566756845238735752114572928978384575053636733088398919379083870089176650703950781274147959163206701237649193373256789970473572867968393144","j_invariant": "482529792883044310381432738387810625973078366292242962568956589104155231443755832772934786096417507926471853972969222895968837733475850875577301467133664272","embedding_degree": "2288265886710203238327300266360464405756478433381101803131487819728514394465885350707519880220484851659098770463826952679040662666572214604191342763705019050","trace_of_frobenius": "5133182737093516966116292369105062158447915857038956549678982449484591328997963"}}