main()
{
int loop;
int i;
gaudry_init();
for (loop = 0;loop < 100;++loop) {
random16(k);
printf("tk="); print16(k); printf(";\n");
gaudry_todouble(x,k);
printf("tx="); printdouble(x); printf(";\n");
printf("(tx-tk)%(2^127-1)\n");
randomdouble(x);
randomdouble(y);
printf("tx="); printdouble(x); printf(";\n");
printf("ty="); printdouble(y); printf(";\n");
gaudry_mult(z,x,y);
printf("tz="); printdouble(z); printf(";\n");
printf("(tx*ty-tz)%(2^127-1)\n");
randomdouble(x);
printf("tx="); printdouble(x); printf(";\n");
gaudry_recip(z,x);
printf("tz="); printdouble(z); printf(";\n");
printf("(tx*tz-1)%(2^127-1)\n");
gaudry_fromdouble(k,z);
printf("tk="); print16(k); printf(";\n");
printf("(tz-tk)%(2^127-1)\n");
randomdouble(x); printf("x0="); printdouble(x); printf(";\n");
randomdouble(x + 5); printf("x1="); printdouble(x + 5); printf(";\n");
randomdouble(x + 10); printf("x2="); printdouble(x + 10); printf(";\n");
randomdouble(x + 15); printf("x3="); printdouble(x + 15); printf(";\n");
gaudry_hadamard(z,x);
printf("z0="); printdouble(z); printf(";\n");
printf("z1="); printdouble(z + 5); printf(";\n");
printf("z2="); printdouble(z + 10); printf(";\n");
printf("z3="); printdouble(z + 15); printf(";\n");
printf("(x0+x1+x2+x3)-z0\n");
printf("(x0+x1-x2-x3)-z1\n");
printf("(x0-x1+x2-x3)-z2\n");
printf("(x0-x1-x2+x3)-z3\n");
}
gaudry_surface_specify(a,b,c,d);
printf("p=2^127-1;\n");
printf("a=Mod("); print16(a); printf(",p);\n");
printf("b=Mod("); print16(b); printf(",p);\n");
printf("c=Mod("); print16(c); printf(",p);\n");
printf("d=Mod("); print16(d); printf(",p);\n");
printf("qx1=Mod("); print16(x1str); printf(",p);\n");
printf("qy1=Mod("); print16(y1str); printf(",p);\n");
printf("qz1=Mod("); print16(z1str); printf(",p);\n");
printf("qt1=Mod("); print16(t1str); printf(",p);\n");
printf("R1=[qx1,qy1,qz1,qt1];\n");
printf("H(Q)=Q*[1,1,1,1;1,1,-1,-1;1,-1,1,-1;1,-1,-1,1]\n");
printf("AA = H([a*a,b*b,c*c,d*d])[1]/4;\n");
printf("BB = H([a*a,b*b,c*c,d*d])[2]/4;\n");
printf("CC = H([a*a,b*b,c*c,d*d])[3]/4;\n");
printf("DD = H([a*a,b*b,c*c,d*d])[4]/4;\n");
printf("e = 256 * a*b*c*d *AA*BB*CC*DD / ((a*a*d*d-b*b*c*c)*(a*a*c*c-b*b*d*d)*(a*a*b*b-c*c*d*d));\n");
printf("f = (a*a*a*a - b*b*b*b - c*c*c*c + d*d*d*d) / (a*a*d*d - b*b*c*c);\n");
printf("g = (a*a*a*a - b*b*b*b + c*c*c*c - d*d*d*d) / (a*a*c*c - b*b*d*d);\n");
printf("h = (a*a*a*a + b*b*b*b - c*c*c*c - d*d*d*d) / (a*a*b*b - c*c*d*d);\n");
printf("C = x^4+y^4+z^4+t^4 + 2*e*x*y*z*t - f*(x^2*t^2+y^2*z^2) - g*(x^2*z^2+y^2*t^2) - h*(x^2*y^2+z^2*t^2);\n");
printf("square(Q)=[Q[1]^2,Q[2]^2,Q[3]^2,Q[4]^2]\n");
printf("ABC(Q)=[Q[1],Q[2]*AA/BB,Q[3]*AA/CC,Q[4]*AA/DD]\n");
printf("mult(P,Q)=[P[1]*Q[1],P[2]*Q[2],P[3]*Q[3],P[4]*Q[4]]\n");
printf("abc(Q)=[Q[1],Q[2]*a/b,Q[3]*a/c,Q[4]*a/d]\n");
printf("double(Q)=abc(H(ABC(square(H(square(Q))))))\n");
printf("divide(P,Q)=[P[1]/Q[1],P[2]/Q[2],P[3]/Q[3],P[4]/Q[4]]\n");
printf("dividescaled(Q,Q1)=[Q[1],Q[2]*Q1[1]/Q1[2],Q[3]*Q1[1]/Q1[3],Q[4]*Q1[1]/Q1[4]]\n");
printf("add(Q2,Q3,Q1)=dividescaled(H(ABC(mult(H(square(Q2)),H(square(Q3))))),Q1)\n");
printf("onsurface(Q)=subst(subst(subst(subst(C,x,Q[1]),y,Q[2]),z,Q[3]),t,Q[4])\n");
printf("doubleadd(Z,Q1)=[double(Z[1]),add(Z[1],Z[2],Q1)]\n");
printf("flip(Z,bit)=[Z[2]*bit+Z[1]*(1-bit),Z[1]*bit+Z[2]*(1-bit)]\n");
printf("doubleaddflip(Z,Q1,bit)=flip(doubleadd(flip(Z,bit),Q1),bit)\n");
printf("ladder(Q1,n)=if(n==0,[[a,b,c,d],Q1],doubleaddflip(ladder(Q1,floor(n/2)),Q1,n%2))\n");
printf("scalarmult(Q1,n)=ladder(Q1,n)[1]\n");
gaudry_todouble(q1 + 0,x1str);
gaudry_todouble(q1 + 5,y1str);
gaudry_todouble(q1 + 10,z1str);
gaudry_todouble(q1 + 15,t1str);
printf("Q1="); printpoint(q1); printf(";\n");
printf("lift(onsurface(Q1))\n");
printf("lift((Q1-R1)[1])\n");
printf("lift((Q1-R1)[2])\n");
printf("lift((Q1-R1)[3])\n");
printf("lift((Q1-R1)[4])\n");
for (loop = 0;loop < 1000;++loop) {
for (i = 0;i < 32;++i) alicesecret[i] = random();
printf("AK="); print32(alicesecret); printf(";\n");
gaudry(alicepublic,alicesecret,basepoint);
printf("AP="); printkey(alicepublic); printf(";\n");
printf("T=scalarmult(Q1,AK);\n");
printf("lift(T[1]/T[2]-AP[1])\n");
printf("lift(T[1]/T[3]-AP[2])\n");
printf("lift(T[1]/T[4]-AP[3])\n");
for (i = 0;i < 32;++i) bobsecret[i] = random();
printf("BK="); print32(bobsecret); printf(";\n");
gaudry(bobpublic,bobsecret,basepoint);
printf("BP="); printkey(bobpublic); printf(";\n");
printf("T=scalarmult(Q1,BK);\n");
printf("lift(T[1]/T[2]-BP[1])\n");
printf("lift(T[1]/T[3]-BP[2])\n");
printf("lift(T[1]/T[4]-BP[3])\n");
gaudry(aliceshared,alicesecret,bobpublic);
gaudry(bobshared,bobsecret,alicepublic);
printf("AS="); printkey(aliceshared); printf(";\n");
printf("BS="); printkey(bobshared); printf(";\n");
printf("lift(AS[1]-BS[1])\n");
printf("lift(AS[2]-BS[2])\n");
printf("lift(AS[3]-BS[3])\n");
printf("T=scalarmult(Q1,AK*BK);\n");
printf("lift(T[1]/T[2]-AS[1])\n");
printf("lift(T[1]/T[3]-AS[2])\n");
printf("lift(T[1]/T[4]-AS[3])\n");
}
return 0;
}
inline int sticks(double stickiness) {
return randomdouble() < stickiness;
}
