Title: Construct own Elliptic Curve Post by: a.a on September 09, 2021, 01:38:40 PM For some research I would like to use a secp256k1 like Elliptic Curve, but instead of 256 bit length it should be 32 bit length. Does somebody have something ready?
I mean, it is important to get the right values for G, n and P. How do you construct them for 32 bit? Thx Title: Re: Construct own Elliptic Curve Post by: gmaxwell on September 09, 2021, 08:12:30 PM To be analogous to secp256k1, your prime should be congruent to 3 mod 4, should have a primitive cube root of unity, and the generated group should be prime.
The curve created by a=0 b=11 over field P=2^32-116325 has these properties. N is 2^32-4443. There are many such choices that work. I chose the option with the largest group size subject to the restriction that the order was still under 2^32, that the twist had cofactor of 4 or less, and that the embedding degree was 'large' (in this case almost 2^30, though there are somewhat smaller groups where the embedding degree is close to 2^32). I chose the smallest b among the isomorphic alternatives. For a generator, you could use G = {0x02, 0x20c2c3af} (x=0x01 isn't on the curve). All points on the curve are equally good as a generator. results=[] for x in [xf for xf in range(2^32,2^32-300000,-1) if xf%4==3 and Integer(xf).is_prime() and FiniteField(xf)(1).nth_root(3)!=1]: for b in range(1,15): order=EllipticCurve([FiniteField(x)(0), FiniteField(x)(b)]).order() if order<2^32 and order.is_prime()==True: ordert=EllipticCurve([FiniteField(x)(0), FiniteField(x)(-b)]).order() ordertp=factor(ordert)[-1][0] if ordert/ordertp<=4: results.append((order,RR(log(FiniteField(order)(x).multiplicative_order(),2)),ordert,-x,-b)) sorted(results) Title: Re: Construct own Elliptic Curve Post by: a.a on September 13, 2021, 07:51:31 PM Hmm. Can you please provide me a 2^16 curve with starting point 1 please?
It is easier to generate all points for 2^16 than for 2^32 :)) Title: Re: Construct own Elliptic Curve Post by: gmaxwell on September 13, 2021, 08:46:58 PM P=64231 N=64633 a=0 b=3 G={0x01,0x02}
|