Elliptic curve with strong p-1 and n-1 divisors

[vjudeu]

How to quickly find such curve? This is the best result I found so far:

Code:

p=0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffa5a999f
P=GF(p)
aP=P(0x0)
bP=P(0x3)
curve=EllipticCurve(P,(aP,bP))
n=curve.order()
print(hex(n))
print(factor(n-1))

p=0x100000000000000000000000000000001ecebbbe3d5814e4e8a59fa2210168a23
P=GF(p)
aP=P(0x0)
bP=P(0x3)
curve=EllipticCurve(P,(aP,bP))
n=curve.order()
print(hex(n))
print(factor(n-1))

Factors:

Code:

0x100000000000000000000000000000001ecebbbe3d5814e4e8a59fa2210168a23
2 * 3 * 19 * 1015720081029089433540096359725332525034431481054297927502942223006463572889
0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffa5a999f
2 * 3 * 19298681539552699237261830834781317975544997444273427339909597334652172485701

The question is: how to find a curve, where p-1 and n-1 divisors will be 2, 3, and some huge prime? This example is "almost there", but there is "19" in the middle. Is there a better approach than brute force?

Edit: Found it! With brute force, but still:

Code:

p=0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffcce82b9b
P=GF(p)
aP=P(0x0)
bP=P(0x3)
curve=EllipticCurve(P,(aP,bP))
n=curve.order()
print(hex(p))
print(factor(p-1))
print(hex(n))
print(factor(n-1))

In this case, n-value cannot be used to form a curve, but it should be sufficient in some cases anyway:

Code:

0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffcce82b9b
2 * 3 * 19298681539552699237261830834781317975544997444273427339909597334652045406703
0xffffffffffffffffffffffffffffffff4baa10269d6cad3c794b5056fcee1c37
2 * 3 * 19298681539552699237261830834781317975505046236074564924957172105089547131401