Пример #1
0
BOOL zzn2_qr(_MIPD_ zzn2 *u)
{
    int j;
#ifdef MR_OS_THREADS
    miracl *mr_mip=get_mip();
#endif

    if (mr_mip->ERNUM) return FALSE;
    if (zzn2_iszero(u)) return TRUE;
    if (size(u->b)==0) return TRUE;

    if (mr_mip->qnr==-1 && size(u->a)==0) return TRUE;
    

    MR_IN(203)  

    nres_modmult(_MIPP_ u->b,u->b,mr_mip->w1);
    if (mr_mip->qnr==-2) nres_modadd(_MIPP_ mr_mip->w1,mr_mip->w1,mr_mip->w1);
    nres_modmult(_MIPP_ u->a,u->a,mr_mip->w2);
    nres_modadd(_MIPP_ mr_mip->w1,mr_mip->w2,mr_mip->w1);
    redc(_MIPP_ mr_mip->w1,mr_mip->w1); 
    j=jack(_MIPP_ mr_mip->w1,mr_mip->modulus);

    MR_OUT
    if (j==1) return TRUE; 
    return FALSE; 
}
Пример #2
0
void duplication(big sum,big diff,big x,big z)
{ /* double a point on the curve P(x,z)=2.P(x1,z1) */
    nres_modmult(sum,sum,t);
    nres_modmult(diff,diff,z);
    nres_modmult(t,z,x);          /* x = sum^2.diff^2 */
    nres_modsub(t,z,t);           /* t = sum^2-diff^2 */
    nres_modmult(ak,t,w);
    nres_modadd(z,w,z);           /* z = ak*t +diff^2 */
    nres_modmult(z,t,z);          /* z = z.t          */
}
Пример #3
0
void zzn2_smul(_MIPD_ zzn2 *x,big y,zzn2 *w)
{
#ifdef MR_OS_THREADS
    miracl *mr_mip=get_mip();
#endif
    if (mr_mip->ERNUM) return;
    MR_IN(161)
    if (size(x->a)!=0) nres_modmult(_MIPP_ x->a,y,w->a);
    else zero(w->a);
    if (size(x->b)!=0) nres_modmult(_MIPP_ x->b,y,w->b);
    else zero(w->b);
    MR_OUT
}
Пример #4
0
void zzn3_powq(_MIPD_ zzn3 *x,zzn3 *w)
{ /* sru - precalculated sixth root of unity */
#ifdef MR_OS_THREADS
    miracl *mr_mip=get_mip();
#endif
    MR_IN(178)
    zzn3_copy(x,w);
    nres_modmult(_MIPP_ mr_mip->sru,mr_mip->sru,mr_mip->w1); /* cube root of unity */
    nres_modmult(_MIPP_ w->b,mr_mip->w1,w->b);
    nres_modmult(_MIPP_ w->c,mr_mip->w1,w->c);
    nres_modmult(_MIPP_ w->c,mr_mip->w1,w->c);

    MR_OUT
}
Пример #5
0
void zzn2_mul(_MIPD_ zzn2 *x,zzn2 *y,zzn2 *w)
{
#ifdef MR_OS_THREADS
    miracl *mr_mip=get_mip();
#endif

    if (mr_mip->ERNUM) return;
	if (x==y) {zzn2_sqr(_MIPP_ x,w); return; }
    MR_IN(162)
 /* Uses w1, w2, and w5 */

    if (zzn2_iszero(x) || zzn2_iszero(y)) zzn2_zero(w);
    else
    {
#ifdef MR_COUNT_OPS
fpmq++; 
#endif
#ifndef MR_NO_LAZY_REDUCTION 
        if (x->a->len!=0 && x->b->len!=0 && y->a->len!=0 && y->b->len!=0)
            nres_lazy(_MIPP_ x->a,x->b,y->a,y->b,w->a,w->b);
        else
        {
#endif
            nres_modmult(_MIPP_ x->a,y->a,mr_mip->w1);
            nres_modmult(_MIPP_ x->b,y->b,mr_mip->w2);
            nres_modadd(_MIPP_ x->a,x->b,mr_mip->w5);
            nres_modadd(_MIPP_ y->a,y->b,w->b);
            nres_modmult(_MIPP_ w->b,mr_mip->w5,w->b);
            nres_modsub(_MIPP_ w->b,mr_mip->w1,w->b);
            nres_modsub(_MIPP_ w->b,mr_mip->w2,w->b);
            nres_modsub(_MIPP_ mr_mip->w1,mr_mip->w2,w->a);
            if (mr_mip->qnr==-2)
                nres_modsub(_MIPP_ w->a,mr_mip->w2,w->a);
#ifndef MR_NO_LAZY_REDUCTION
        }
#endif
    }    
    MR_OUT
}
Пример #6
0
/*
void zzn2_print(_MIPD_ char *label, zzn2 *x)
{
    char s1[1024], s2[1024];
    big a, b;

#ifdef MR_STATIC
    char mem_big[MR_BIG_RESERVE(2)];   
 	memset(mem_big, 0, MR_BIG_RESERVE(2)); 
    a=mirvar_mem(_MIPP_ mem_big,0);
    b=mirvar_mem(_MIPP_ mem_big,1);
#else
    a = mirvar(_MIPP_  0); 
    b = mirvar(_MIPP_  0); 
#endif
    redc(_MIPP_ x->a, a); otstr(_MIPP_ a, s1);
    redc(_MIPP_ x->b, b); otstr(_MIPP_ b, s2);

    printf("%s: [%s,%s]\n", label, s1, s2);
#ifndef MR_STATIC
    mr_free(a); mr_free(b);
#endif
}

static void nres_print(_MIPD_ char *label, big x)
{
    char s[1024];
    big a;
#ifdef MR_STATIC
    char mem_big[MR_BIG_RESERVE(1)];     
 	memset(mem_big, 0, MR_BIG_RESERVE(1)); 
    a=mirvar_mem(_MIPP_ mem_big,0);
#else
    a = mirvar(_MIPP_  0); 
#endif

    redc(_MIPP_ x, a);
    otstr(_MIPP_ a, s);

    printf("%s: %s\n", label, s);
#ifndef MR_STATIC
    mr_free(a);
#endif
}

*/
void zzn2_inv(_MIPD_ zzn2 *w)
{
#ifdef MR_OS_THREADS
    miracl *mr_mip=get_mip();
#endif
    if (mr_mip->ERNUM) return;
    MR_IN(163)
    nres_modmult(_MIPP_ w->a,w->a,mr_mip->w1); 
    nres_modmult(_MIPP_ w->b,w->b,mr_mip->w2); 
    nres_modadd(_MIPP_ mr_mip->w1,mr_mip->w2,mr_mip->w1);

    if (mr_mip->qnr==-2)
        nres_modadd(_MIPP_ mr_mip->w1,mr_mip->w2,mr_mip->w1);
    redc(_MIPP_ mr_mip->w1,mr_mip->w6);
  
    invmodp(_MIPP_ mr_mip->w6,mr_mip->modulus,mr_mip->w6);

    nres(_MIPP_ mr_mip->w6,mr_mip->w6);

    nres_modmult(_MIPP_ w->a,mr_mip->w6,w->a);
    nres_negate(_MIPP_ mr_mip->w6,mr_mip->w6);
    nres_modmult(_MIPP_ w->b,mr_mip->w6,w->b);
    MR_OUT
}
Пример #7
0
void addition(big xd,big zd,big sm1,big df1,big sm2,big df2,big x,big z)
{ /* add two points on the curve P(x,z)=P(x1,z1)+P(x2,z2) *
   * given their difference P(xd,zd)                      */
    nres_modmult(df2,sm1,x);
    nres_modmult(df1,sm2,z);
    nres_modadd(z,x,t);
    nres_modsub(z,x,z);
    nres_modmult(t,t,x);
    nres_modmult(x,zd,x);     /* x = zd.[df1.sm2+sm1.df2]^2 */
    nres_modmult(z,z,z);
    nres_modmult(z,xd,z);     /* z = xd.[df1.sm2-sm1.df2]^2 */
}
Пример #8
0
int main()
{  /*  factoring program using Lenstras Elliptic Curve method */
    int phase,m,k,nc,iv,pos,btch,u,v;
    long i,p,pa,interval;
    big q,x,z,a,x1,z1,x2,z2,xt,zt,n,fvw;
    static big fu[1+MULT/2];
    static BOOL cp[1+MULT/2];
    mip=mirsys(30,0);
    q=mirvar(0);
    x=mirvar(0);
    z=mirvar(0);
    a=mirvar(0);
    x1=mirvar(0);
    z1=mirvar(0);
    x2=mirvar(0);
    z2=mirvar(0);
    n=mirvar(0);
    t=mirvar(0);
    s1=mirvar(0);
    d1=mirvar(0);
    s2=mirvar(0);
    d2=mirvar(0);
    ak=mirvar(0);
    xt=mirvar(0);
    zt=mirvar(0);
    fvw=mirvar(0);
    w=mirvar(0);
    gprime(LIMIT1);
    for (m=1;m<=MULT/2;m+=2)
        if (igcd(MULT,m)==1)
        {
            fu[m]=mirvar(0);
            cp[m]=TRUE;
        }
        else cp[m]=FALSE;
    printf("input number to be factored\n");
    cinnum(n,stdin);

    if (isprime(n))
    {
        printf("this number is prime!\n");
        return 0;
    }
    prepare_monty(n);
    for (nc=1,k=6;k<100;k++)
    { /* try a new curve */
                             /* generating an elliptic curve */
        u=k*k-5;
        v=4*k;
        convert(u,x);  nres(x,x);
        convert(v,z);  nres(z,z);
        nres_modsub(z,x,a);   /* a=v-u */

        copy(x,t);
        nres_modmult(x,x,x);
        nres_modmult(x,t,x);  /* x=u^3 */

        copy(z,t);
        nres_modmult(z,z,z);
        nres_modmult(z,t,z);  /* z=v^3 */

        copy(a,t);
        nres_modmult(t,t,t);
        nres_modmult(t,a,t);  /* t=(v-u)^3 */

        convert(3*u,a); nres(a,a);
        convert(v,ak);  nres(ak,ak);
        nres_modadd(a,ak,a);
        nres_modmult(t,a,t);  /* t=(v-u)^3.(3u+v) */

        convert(u,a);  nres(a,a);
        copy(a,ak);
        nres_modmult(a,a,a);
        nres_modmult(a,ak,a);   /* a=u^3 */
        convert(v,ak); nres(ak,ak);
        nres_modmult(a,ak,a);   /* a=u^3.v */
        nres_premult(a,16,a);
        nres_moddiv(t,a,ak);     /* ak=(v-u)^3.(3u+v)/16u^3v */

        nc++;

        phase=1;
        p=0;
        i=0;
        btch=50;
        printf("phase 1 - trying all primes less than %d\n",LIMIT1);
        printf("prime= %8ld",p);
        forever
        { /* main loop */
            if (phase==1)
            {
                p=mip->PRIMES[i];
                if (mip->PRIMES[i+1]==0)
                { /* now change gear */
                    phase=2;
                    printf("\nphase 2 - trying last prime less than %ld\n",
                            LIMIT2);
                    printf("prime= %8ld",p);
                    copy(x,xt);
                    copy(z,zt);
                    nres_modadd(x,z,s2);
                    nres_modsub(x,z,d2);                    /*   P = (s2,d2) */
                    duplication(s2,d2,x,z);
                    nres_modadd(x,z,s1);
                    nres_modsub(x,z,d1);                    /* 2.P = (s1,d1) */

                    nres_moddiv(x1,z1,fu[1]);               /* fu[1] = x1/z1 */
                    
                    addition(x1,z1,s1,d1,s2,d2,x2,z2); /* 3.P = (x2,z2) */
                    for (m=5;m<=MULT/2;m+=2)
                    { /* calculate m.P = (x,z) and store fu[m] = x/z */
                        nres_modadd(x2,z2,s2);
                        nres_modsub(x2,z2,d2);
                        addition(x1,z1,s2,d2,s1,d1,x,z);
                        copy(x2,x1);
                        copy(z2,z1);
                        copy(x,x2);
                        copy(z,z2);
                        if (!cp[m]) continue;
                        copy(z2,fu[m]);
                        nres_moddiv(x2,fu[m],fu[m]);
                    }
                    ellipse(xt,zt,MULT,x,z,x2,z2);
                    nres_modadd(x,z,xt);
                    nres_modsub(x,z,zt);              /* MULT.P = (xt,zt) */
                    iv=(int)(p/MULT);
                    if (p%MULT>MULT/2) iv++;
                    interval=(long)iv*MULT; 
                    p=interval+1;
                    ellipse(x,z,iv,x1,z1,x2,z2); /* (x1,z1) = iv.MULT.P */
                    nres_moddiv(x1,z1,fvw);                /* fvw = x1/z1 */
                    nres_modsub(fvw,fu[p%MULT],q);
                    marks(interval);
                    btch*=100;
                    i++;
                    continue;
                }
                pa=p;
                while ((LIMIT1/p) > pa) pa*=p;
                ellipse(x,z,(int)pa,x1,z1,x2,z2);
                copy(x1,x);
                copy(z1,z);
                copy(z,q);
            }
            else
            { /* phase 2 - looking for last large prime factor of (p+1+d) */
                p+=2;
                pos=(int)(p%MULT);
                if (pos>MULT/2)
                { /* increment giant step */
                    iv++;
                    interval=(long)iv*MULT;
                    p=interval+1;
                    marks(interval);
                    pos=1;
                    nres_moddiv(x2,z2,fvw);
                    nres_modadd(x2,z2,s2);
                    nres_modsub(x2,z2,d2);
                    addition(x1,z1,s2,d2,xt,zt,x,z);
                    copy(x2,x1);
                    copy(z2,z1);
                    copy(x,x2);
                    copy(z,z2);
                }
                if (!cp[pos]) continue;

        /* if neither interval +/- pos is prime, don't bother */
                if (!plus[pos] && !minus[pos]) continue;
                nres_modsub(fvw,fu[pos],t);
                nres_modmult(q,t,q);
            }
            if (i++%btch==0)
            { /* try for a solution */
                printf("\b\b\b\b\b\b\b\b%8ld",p);
                fflush(stdout);
                egcd(q,n,t);
                if (size(t)==1)
                {
                    if (p>LIMIT2) break;
                    else continue;
                }
                if (compare(t,n)==0)
                {
                    printf("\ndegenerate case");
                    break;
                }
                printf("\nfactors are\n");
                if (isprime(t)) printf("prime factor     ");
                else            printf("composite factor ");
                cotnum(t,stdout);
                divide(n,t,n);
                if (isprime(n)) printf("prime factor     ");
                else            printf("composite factor ");
                cotnum(n,stdout);
                return 0;
            }
        }
        if (nc>NCURVES) break;
        printf("\ntrying a different curve %d\n",nc);
    } 
    printf("\nfailed to factor\n");
    return 0;
}
Пример #9
0
void g(_MIPD_ epoint *A,epoint *B,zzn3 *Qx,zzn3 *Qy,zzn6 *w)
{
    int type;
    big slope;
    zzn3 nn,dd;

    copy(A->X,mr_mip->w10);

    type=ecurve_add(_MIPP_ B,A);
    if (!type)  
    {
        zzn6_from_int(_MIPP_ 1,w);
        return;
    }
    slope=mr_mip->w8; /* slope in w8 */

    nn.a=mr_mip->w13;
    nn.b=mr_mip->w14;
    nn.c=mr_mip->w15;

    dd.a=mr_mip->w5;
    dd.b=mr_mip->w11;
    dd.c=mr_mip->w9;

    zzn3_copy(Qx,&nn);
    zzn3_copy(Qy,&dd);
    zzn3_negate(_MIPP_ &dd,&dd);

#ifndef MR_AFFINE_ONLY
    if (A->marker!=MR_EPOINT_GENERAL)
        copy(mr_mip->one,mr_mip->w12);
    else copy(A->Z,mr_mip->w12);       
#else
    copy(mr_mip->one,mr_mip->w12);
#endif
    if (type==MR_ADD)
    {
        zzn3_ssub(_MIPP_ &nn,B->X,&nn);
        zzn3_smul(_MIPP_ &nn,slope,&nn);
        nres_modmult(_MIPP_ mr_mip->w12,B->Y,mr_mip->w2);
        zzn3_sadd(_MIPP_ &nn,mr_mip->w2,&nn);
        zzn3_smul(_MIPP_ &dd,mr_mip->w12,&dd);
        zzn3_copy(&nn,&(w->x));
        zzn3_copy(&dd,&(w->y));
        return;
    }

    if (type==MR_DOUBLE)
    { /* note that ecurve_add has left useful things for us in w6 and w7! */     
        nres_modmult(_MIPP_ slope,mr_mip->w6,mr_mip->w2);
        zzn3_smul(_MIPP_ &nn,mr_mip->w2,&nn);
        nres_modmult(_MIPP_ slope,mr_mip->w10,slope);
        zzn3_ssub(_MIPP_ &nn,slope,&nn);
        zzn3_sadd(_MIPP_ &nn,mr_mip->w7,&nn);
        nres_modmult(_MIPP_ mr_mip->w12,mr_mip->w6,mr_mip->w12);
        zzn3_smul(_MIPP_ &dd,mr_mip->w12,&dd);
        zzn3_copy(&nn,&(w->x));
        zzn3_copy(&dd,&(w->y));
        return;
    }
}
Пример #10
0
void zzn3_inv(_MIPD_ zzn3 *w)
{
#ifdef MR_OS_THREADS
    miracl *mr_mip=get_mip();
#endif
    if (mr_mip->ERNUM) return;
    MR_IN(187)

    nres_modmult(_MIPP_ w->a,w->a,mr_mip->w1);
    nres_modmult(_MIPP_ w->b,w->c,mr_mip->w2);

    nres_premult(_MIPP_ mr_mip->w2,mr_mip->cnr,mr_mip->w2);
    nres_modsub(_MIPP_ mr_mip->w1,mr_mip->w2,mr_mip->w3);

    nres_modmult(_MIPP_ w->c,w->c,mr_mip->w1);
    nres_modmult(_MIPP_ w->a,w->b,mr_mip->w2);

    nres_premult(_MIPP_ mr_mip->w1,mr_mip->cnr,mr_mip->w1);
    nres_modsub(_MIPP_ mr_mip->w2,mr_mip->w1,mr_mip->w4);
    nres_negate(_MIPP_ mr_mip->w4,mr_mip->w4);

    nres_modmult(_MIPP_ w->b,w->b,mr_mip->w1);
    nres_modmult(_MIPP_ w->a,w->c,mr_mip->w2);
    nres_modsub(_MIPP_ mr_mip->w1,mr_mip->w2,mr_mip->w5);

    nres_modmult(_MIPP_ w->b,mr_mip->w5,mr_mip->w1);
    nres_modmult(_MIPP_ w->c,mr_mip->w4,mr_mip->w2);
    nres_modadd(_MIPP_ mr_mip->w2,mr_mip->w1,mr_mip->w2);
    nres_premult(_MIPP_ mr_mip->w2,mr_mip->cnr,mr_mip->w2);
    nres_modmult(_MIPP_ w->a,mr_mip->w3,mr_mip->w1);
    nres_modadd(_MIPP_ mr_mip->w1,mr_mip->w2,mr_mip->w1);

    copy(mr_mip->w3,w->a);
    copy(mr_mip->w4,w->b);
    copy(mr_mip->w5,w->c);

    redc(_MIPP_ mr_mip->w1,mr_mip->w6);
    invmodp(_MIPP_ mr_mip->w6,mr_mip->modulus,mr_mip->w6);
    nres(_MIPP_ mr_mip->w6,mr_mip->w6);

    nres_modmult(_MIPP_ w->a,mr_mip->w6,w->a);
    nres_modmult(_MIPP_ w->b,mr_mip->w6,w->b);
    nres_modmult(_MIPP_ w->c,mr_mip->w6,w->c);

    MR_OUT
}
Пример #11
0
void zzn3_mul(_MIPD_ zzn3 *x,zzn3 *y,zzn3 *w)
{
#ifdef MR_OS_THREADS
    miracl *mr_mip=get_mip();
#endif

    if (mr_mip->ERNUM) return;
    MR_IN(186)

    if (x==y)
    { /* Chung-Hasan SQR2 */
        nres_modmult(_MIPP_ x->a,x->a,mr_mip->w1);
        nres_modmult(_MIPP_ x->b,x->c,mr_mip->w2);
        nres_modadd(_MIPP_ mr_mip->w2,mr_mip->w2,mr_mip->w2);
        nres_modmult(_MIPP_ x->c,x->c,mr_mip->w3);
        nres_modmult(_MIPP_ x->a,x->b,mr_mip->w4);
        nres_modadd(_MIPP_ mr_mip->w4,mr_mip->w4,mr_mip->w4);

        nres_modadd(_MIPP_ x->a,x->b,mr_mip->w5);
        nres_modadd(_MIPP_ mr_mip->w5,x->c,w->c);
        nres_modmult(_MIPP_ w->c,w->c,w->c);

        nres_premult(_MIPP_ mr_mip->w2,mr_mip->cnr,w->a);
        nres_modadd(_MIPP_ mr_mip->w1,w->a,w->a);
        nres_premult(_MIPP_ mr_mip->w3,mr_mip->cnr,w->b);
        nres_modadd(_MIPP_ mr_mip->w4,w->b,w->b);

        nres_modsub(_MIPP_ w->c,mr_mip->w1,w->c);
        nres_modsub(_MIPP_ w->c,mr_mip->w2,w->c);
        nres_modsub(_MIPP_ w->c,mr_mip->w3,w->c);
        nres_modsub(_MIPP_ w->c,mr_mip->w4,w->c);
    }
    else
    {
        nres_modmult(_MIPP_ x->a,y->a,mr_mip->w1); /* Z0 */
        nres_modmult(_MIPP_ x->b,y->b,mr_mip->w2); /* Z2 */
        nres_modmult(_MIPP_ x->c,y->c,mr_mip->w3); /* Z4 */

        nres_modadd(_MIPP_ x->a,x->b,mr_mip->w4);
        nres_modadd(_MIPP_ y->a,y->b,mr_mip->w5);
        nres_modmult(_MIPP_ mr_mip->w4,mr_mip->w5,mr_mip->w6); /* Z1 */
        nres_modsub(_MIPP_ mr_mip->w6,mr_mip->w1,mr_mip->w6);
        nres_modsub(_MIPP_ mr_mip->w6,mr_mip->w2,mr_mip->w6);

        nres_modadd(_MIPP_ x->b,x->c,mr_mip->w4);
        nres_modadd(_MIPP_ y->b,y->c,mr_mip->w5);
        nres_modmult(_MIPP_ mr_mip->w4,mr_mip->w5,w->b); /* Z3 */

        nres_modadd(_MIPP_ x->a,x->c,mr_mip->w4);
        nres_modadd(_MIPP_ y->a,y->c,mr_mip->w5);

        nres_modsub(_MIPP_ w->b,mr_mip->w2,w->b);
        nres_modsub(_MIPP_ w->b,mr_mip->w3,w->b); 
        nres_premult(_MIPP_ w->b,mr_mip->cnr,w->a);

        nres_modmult(_MIPP_ mr_mip->w4,mr_mip->w5,mr_mip->w4);
        nres_modadd(_MIPP_ mr_mip->w2,mr_mip->w4,mr_mip->w2);
        nres_modsub(_MIPP_ mr_mip->w2,mr_mip->w1,mr_mip->w2);
        nres_modsub(_MIPP_ mr_mip->w2,mr_mip->w3,w->c);

        nres_modadd(_MIPP_ w->a,mr_mip->w1,w->a);
        nres_premult(_MIPP_ mr_mip->w3,mr_mip->cnr,w->b);
        nres_modadd(_MIPP_ w->b,mr_mip->w6,w->b);        
    }
    
    MR_OUT
}