void CRSAFactorHintDlg::OnRadiochoice()
{
UpdateData();
bool b=(m_choice==0);
((CEdit*)GetDlgItem(IDC_EDITN))->SetReadOnly(!b);
((CEdit*)GetDlgItem(IDC_EDITGUESSP_LEFT))->SetReadOnly(!b);
((CEdit*)GetDlgItem(IDC_EDITGUESSP_RIGHT))->SetReadOnly(!b);
((CEdit*)GetDlgItem(IDC_EDITBITSOFN))->SetReadOnly(b);
((CEdit*)GetDlgItem(IDC_EDITB))->SetReadOnly(b);
GetDlgItem(IDC_R)->EnableWindow(!b);
GetDlgItem(IDC_BUTTONDEFAULT)->EnableWindow(!b);
m_N=to_ZZ(0);
m_p=to_ZZ(0);
m_GuessP=to_ZZ(0);
updateNP();
if(b){//user values
SetDlgItemText(IDC_EDITBITSOFN,"200");
SetDlgItemText(IDC_EDITBITSOFP,"");
SetDlgItemText(IDC_EDITB,"");
}else{
SetDlgItemText(IDC_EDITBITSOFN,"200");
SetDlgItemText(IDC_EDITBITSOFP,"100");
SetDlgItemText(IDC_EDITB,"80");
}
UpdateData(false);
updateDim();
}
CLBlindRecipient::CLBlindRecipient(const GroupRSA* pk, int lx, int numPrivates,
int numPublics, const gen_group_map &grps,
const vector<CommitmentInfo> &coms)
: numPrivates(numPrivates), numPublics(numPublics)
{
v["modSize"] = pk->getModulusLength();
v["stat"] = to_ZZ(pk->getStat());
v["l_x"] = to_ZZ(lx);
// first set up groups
vector<string> genNames;
genNames.push_back("f");
for (int i = 0; i < numPrivates+numPublics; i++) {
genNames.push_back("g_"+lexical_cast<string>(i+1));
}
genNames.push_back("h");
gen_group_map pMap(grps);
pMap["pkGroup"] = make_pair(pk, genNames);
for (gen_group_map::iterator it = pMap.begin(); it != pMap.end(); ++it) {
// insert into environment
g[it->first] = it->second.first;
}
// now need to insert commitments
for (unsigned i = 0; i < coms.size(); i++) {
v["c_"+lexical_cast<string>(i+1)] = coms[i].comValue;
}
string fname = ProgramMaker::makeCLObtain(pMap, coms);
inputs["l"] = to_ZZ(numPrivates);
inputs["k"] = to_ZZ(numPublics);
prover.check(fname, inputs, g);
}
// p is prime and p = 1 mod 4
vector<ZZ> CommonFunctions::decomposePrime(const ZZ &p, int stat) {
ZZ b;
if((p % 8) == to_ZZ(5)) {
b = to_ZZ(2);
}
else {
b = to_ZZ(3);
while(PowerMod(b, (p-1)/2, p) == 1) {
// next prime(b) returns the smallest prime larger than b
b = NextPrime(b, stat);
}
}
b = PowerMod(b, (p-1)/4, p);
// b is now an imaginary unit, i.e. b^2 = -1 mod p
ZZ a;
a = p;
while(power(b, 2) > p) {
ZZ temp = a;
a = b;
b = temp % b;
}
// cout << "a : " << a << " b : " << b << endl;
vector<ZZ> twoSquares;
twoSquares.push_back(b);
twoSquares.push_back(a % b);
return twoSquares;
}
int main() {
ZZ x=to_ZZ(5);
ZZ y=to_ZZ(0);
ZZ z=to_ZZ(-3);
unsigned char data[1000];
int data_len;
int data_ub;
data_len=0;
cout << "x=" << x << endl;
cout << "y=" << y << endl;
cout << "z=" << z << endl;
NTL_Pack(x,data,data_len);
NTL_Pack(y,data,data_len);
NTL_Pack(z,data,data_len);
cout << "data_len = " << data_len << endl;
data_ub=0;
NTL_Unpack(x,data,data_ub,data_len);
NTL_Unpack(y,data,data_ub,data_len);
NTL_Unpack(z,data,data_ub,data_len);
cout << "x=" << x << endl;
cout << "y=" << y << endl;
cout << "z=" << z << endl;
cout << "data_ub = " << data_ub << endl;
}
ZZ ProofNode::calculateHash(int level, int rank, ZZ hashBelow, ZZ hashAfter) {
vector<ZZ> vectorZZ;
vectorZZ.push_back(to_ZZ(level));
vectorZZ.push_back(to_ZZ(rank));
vectorZZ.push_back(hashBelow);
vectorZZ.push_back(hashAfter);
return Hash::hash(vectorZZ, DPDPCONST::hashAlg);
}
void CRSAFactorHintDlg::OnChangeEditbitsofp()
{
UpdateData();
if(m_choice==1){
m_N=to_ZZ(0);
m_p=to_ZZ(0);
m_GuessP=to_ZZ(0);
updateNP();
}
updateDim();
}
void CRSAFactorHintDlg::OnChangeGuessP()
{
UpdateData();
if(m_choice==0){
int base=(m_base*6+10)%20;
CString GuessPString;
if(m_msbLsb==0){
GetDlgItemText(IDC_EDITGUESSP_LEFT,GuessPString);
// SetDlgItemText(IDC_EDITGUESSP_RIGHT,GuessPString);
}
else{
GetDlgItemText(IDC_EDITGUESSP_RIGHT,GuessPString);
// SetDlgItemText(IDC_EDITGUESSP_LEFT,GuessPString);
}
ZZ tmpGuessP=setToStringValue(GuessPString,base);
int bitsOfGuess=NumBits(tmpGuessP);
int z=0;
for(int i=0; i<GuessPString.GetLength()
&&(GuessPString.GetAt(i)=='0'
||GuessPString.GetAt(i)==' '); i++)
if(GuessPString.GetAt(i)=='0')
z++;
int zeroBits=NumBits(power(to_ZZ(base),z)-1);
bitsOfGuess+=zeroBits;
m_GuessP=tmpGuessP;
SetDlgItemInt(IDC_EDITB, bitsOfGuess);
}
UpdateData(false);
//updateDim();
}
void CRSAFactorHintDlg::updateP()
{
int b=GetDlgItemInt(IDC_EDITB);
ZZ X=to_ZZ(1);
UpdateData();
ZZ P=m_p;
int m_bitsOfP=GetDlgItemInt(IDC_EDITBITSOFP);
if(b>m_bitsOfP)
b=m_bitsOfP;
if(m_msbLsb==0){ // if MSB example
X<<=m_bitsOfP-b;
m_GuessP=m_p-(m_p%X); // delete lower bits
m_GuessP/=X;
}
else{
X<<=b;
m_GuessP=m_p%X; // else delte Higher bits
}
SetDlgItemText(IDC_EDITGUESSP_LEFT,toString(m_GuessP,(m_base*6+10)%20, m_base*m_base*2));
SetDlgItemText(IDC_EDITGUESSP_RIGHT,toString(m_GuessP,(m_base*6+10)%20, m_base*m_base*2));
updateNP();
}
// Implementation of scrt += poly, scrt -= poly, or scrt *= poly. This
// implementation is safe for "in place" operation, e.g., s += s.map[i]
SingleCRT& SingleCRT::Op(const ZZX &poly,
void (*Fnc)(ZZ&, const ZZ&, const ZZ&, const ZZ&))
{
const IndexSet& s = map.getIndexSet();
ZZX poly1, poly2;
poly1 = poly;
for (long i = s.first(); i <= s.last(); i = s.next(i)) {
ZZ pi = to_ZZ(context.ithPrime(i));
poly2 = poly1;
PolyRed(poly2,pi,/*abs=*/true); // abs=true means reduce to [0,pi-1)
vec_ZZ& vp1 = map[i].rep;
vec_ZZ& vp2 = poly2.rep;
long len1 = vp1.length();
long len2 = vp2.length();
long maxlen = max(len1, len2);
vp1.SetLength(maxlen);
for (long j=len1; j < maxlen; j++) clear(vp1[j]);
for (long j=0; j<len2; j++)
Fnc(vp1[j], vp1[j], vp2[j], pi);
map[i].normalize();
}
return *this;
}
// trial division primitive
void TrialDivision(vec_pair_ZZ_long& factors, ZZ& q, const ZZ& n, long bnd) {
factors.SetLength(0);
if (&q!=&n) q=n;
if (bnd==0) {
bnd=10000; // should probably be higher
}
PrimeSeq s;
ZZ d;
for (long p=s.next(); (p>0 && p<=bnd); p=s.next()) {
if (DivRem(d,q,p)==0) {
long e=1;
q=d;
while (DivRem(d,q,p)==0) {
++e;
q=d;
}
addFactor(factors,to_ZZ(p),e);
if (IsOne(q))
return;
}
if (d<=p) {
// q must be prime
addFactor(factors,q);
set(q);
return;
}
}
}
void CRSAFactorHintDlg::updateNP()
{
UpdateData();
int group= m_base*m_base*2;
int base=(m_base*6+10)%20;
SetDlgItemText(IDC_EDITN,toString(m_N,base,group));
SetDlgItemText(IDC_EDITP_LEFT,toString(m_p,base,group));
SetDlgItemText(IDC_EDITP_RIGHT,toString(m_p,base,group));
if(m_GuessP>0){
//if(m_msbLsb==0){
int figuresOfP;
int figuresOfGuess;
int groupOffset=0;
if(group>0&&m_p>0){
figuresOfP=(int)ceil(log(m_p)/log((double)base));
figuresOfGuess=(int)ceil(log(m_GuessP)/log((double)base));
groupOffset=(figuresOfP-figuresOfGuess)%group;
}
CString filledString=toString(m_GuessP,base,group,groupOffset,0);
SetDlgItemText(IDC_EDITGUESSP_LEFT,filledString);
int m_b=GetDlgItemInt(IDC_EDITB);
int NumFigures =(int) ceil(log(power(to_ZZ(2),m_b))/log((double)base));
SetDlgItemText(IDC_EDITGUESSP_RIGHT,toString(m_GuessP,base,group,0,NumFigures));
}else{
SetDlgItemText(IDC_EDITGUESSP_LEFT,"");
SetDlgItemText(IDC_EDITGUESSP_RIGHT,"");
}
((CEdit*)GetDlgItem(IDC_EDITP_RIGHT))->SetSel(0,-1);
((CEdit*)GetDlgItem(IDC_EDITGUESSP_RIGHT))->SetSel(0,-1);
UpdateData(false);
}
void SingleCRT::toPoly(ZZX& poly, const IndexSet& s) const
{
IndexSet s1 = map.getIndexSet() & s;
if (card(s1) == 0) {
clear(poly);
return;
}
ZZ p = to_ZZ(context.ithPrime(s1.first())); // the first modulus
poly = map[s1.first()]; // Get poly modulo the first prime
vec_ZZ& vp = poly.rep;
// ensure that coeficient vector is of size phi(m) with entries in [-p/2,p/2]
long phim = context.zMstar.phiM();
long vpLength = vp.length();
if (vpLength<phim) { // just in case of leading zeros in poly
vp.SetLength(phim);
for (long j=vpLength; j<phim; j++) vp[j]=0;
}
ZZ p_over_2 = p/2;
for (long j=0; j<phim; j++) if (vp[j] > p_over_2) vp[j] -= p;
// do incremental integer CRT for other levels
for (long i = s1.next(s1.first()); i <= s1.last(); i = s1.next(i)) {
long q = context.ithPrime(i); // the next modulus
// CRT the coefficient vectors of poly and current
intVecCRT(vp, p, map[i].rep, q); // defined in the module NumbTh
p *= q; // update the modulus
}
poly.normalize(); // need to call this after we work on the coeffs
}
//~~~~~~~~~~~~~~~FUNCTII PENTRU CRIPTARE/DECRIPTARE~~~~~~~~~~~~~~
void gen_p_q_n_phi_n()
{
SetSeed(to_ZZ(6));
GenGermainPrime(p,512);
q=p;
while(p==q)
{
GenGermainPrime(q,512);
SetSeed(to_ZZ(10));
}
n=p*q;
phi_n=(p-1)*(q-1);
}
long makeDivisible(VecInt& vec, long p2e, long p2r, long q, double alpha)
{
assert(((p2e % p2r == 0) && (q % p2e == 1)) ||
((p2r % p2e == 0) && (q % p2r == 1)));
long maxU =0;
ZZ maxZ;
for (long i=0; i<vec.length(); i++) {
ZZ z, z2; conv(z, vec[i]);
long u=0, v=0;
long zMod1=0, zMod2=0;
if (p2r < p2e && alpha>0) {
zMod1 = rem(z,p2r);
if (zMod1 > p2r/2) zMod1 -= p2r; // map to the symmetric interval
// make z divisible by p^r by adding a multiple of q
z2 = z - to_ZZ(zMod1)*q;
zMod2 = rem(z2,p2e); // z mod p^e, still divisible by p^r
if (zMod2 > p2e/2) zMod2 -= p2e; // map to the symmetric interval
zMod2 /= -p2r; // now z+ p^r*zMod2=0 (mod p^e) and |zMod2|<=p^{r(e-1)}/2
u = ceil(alpha * zMod2);
v = zMod2 - u; // = floor((1-alpha) * zMod2)
z = z2 + u*p2r + to_ZZ(q)*v*p2r;
}
else { // r >= e or alpha==0, use only mulitples of q
zMod1 = rem(z,p2e);
if (zMod1 > p2e/2) zMod1 -= p2e; // map to the symmetric interval
z -= to_ZZ(zMod1) * q;
}
if (abs(u) > maxU) maxU = abs(u);
if (abs(z) > maxZ) maxZ = abs(z);
if (rem(z,p2e) != 0) { // sanity check
cerr << "**error: original z["<<i<<"]=" << vec[i]
<< std::dec << ", p^r="<<p2r << ", p^e="<<p2e << endl;
cerr << "z' = z - "<<zMod1<<"*q = "<< z2<<endl;
cerr << "z''=z' +" <<u<<"*p^r +"<<v<<"*p^r*q = "<<z<<endl;
exit(1);
}
conv(vec[i], z); // convert back to native format
}
return maxU;
}
ZZX myCRT::EncodeMessageMxN(ZZX &mess){
ZZ_p::init(to_ZZ("2"));
ZZ_pX res;
SetCoeff(res, 0, 0);
for(int i=0; i<size; i++)
if(coeff(mess,i) == 1)
res = res + MxN[i];
res = res%modulus;
return to_ZZX(res);
}
CLBlindRecipient::CLBlindRecipient(const GroupRSA* pk, const Group* comGroup,
int lx, const vector<ZZ> &coms,
int numPrivates, int numPublics)
: numPrivates(numPrivates), numPublics(numPublics)
{
// setting up all maps
g["pkGroup"] = pk;
g["comGroup"] = comGroup;
v["modSize"] = pk->getModulusLength();
v["stat"] = to_ZZ(pk->getStat());
v["l_x"] = to_ZZ(lx);
for (unsigned i = 0; i < coms.size(); i++) {
string name = "c_" + lexical_cast<string>(i+1);
v[name] = coms[i];
}
inputs["l"] = to_ZZ(numPrivates);
inputs["k"] = to_ZZ(numPublics);
prover.check("ZKP/examples/cl-obtain-ecash.txt", inputs, g);
}
NTL_CLIENT
int main()
{
ZZ_p::init(to_ZZ(17));
ZZ_pX P;
BuildIrred(P, 10);
ZZ_pE::init(P);
ZZ_pEX f, g, h;
random(f, 20);
SetCoeff(f, 20);
random(h, 20);
g = MinPolyMod(h, f);
if (deg(g) < 0) TerminalError("bad ZZ_pEXTest (1)");
if (CompMod(g, h, f) != 0)
TerminalError("bad ZZ_pEXTest (2)");
vec_pair_ZZ_pEX_long v;
long j;
for (j = 0; j < 5; j++) {
long n = RandomBnd(40)+10;
cerr << n << " ";
random(f, n);
SetCoeff(f, n);
v = CanZass(f);
g = mul(v);
if (f != g) cerr << "oops1\n";
long i;
for (i = 0; i < v.length(); i++)
if (!DetIrredTest(v[i].a))
TerminalError("bad ZZ_pEXTest (3)");
}
cerr << "\n";
cerr << "ZZ_pEXTest OK\n";
}
ZZX myCRT::DecodeMessage(ZZX &mes){
ZZ t; ZZX res; ZZ_pX mess_p, tm;
mess_p = to_ZZ_pX(mes);
for(int i=0; i<size; i++){
tm = mess_p%factors[i];
t = rep(coeff(tm,0));
t=t%to_ZZ("2");
SetCoeff(res, i, t);
}
return res;
}
SingleCRT& SingleCRT::operator=(const ZZX& poly)
{
const IndexSet& s = map.getIndexSet();
ZZX poly1;
for (long i = s.first(); i <= s.last(); i = s.next(i)) {
ZZ pi = to_ZZ(context.ithPrime(i));
poly1 = poly;
PolyRed(poly1,pi,true); // the flag true means reduce to [0,pi-1)
map[i] = poly1;
}
return *this;
}
void Testbench::initMatrix(mat_ZZ_p & m, int int_size) {
ZZ_p n;
n.init(to_ZZ("56563749237498237498237493299999937129873912873981273129842343242399999799995999937492374982374982374932999999371298739128739812731298423432423999997999959999374923749823749823749329999993712987391287398127312984234324239999979999599993749237498237498237493299999937129873912873981273129842343242399999799995"));
switch (int_size) {
case 64:
n = to_ZZ_p(to_ZZ("9999999999999999995"));
break;
case 128:
n = to_ZZ_p(to_ZZ("99993749237498237498237493299999999995"));
break;
case 256:
n = to_ZZ_p(to_ZZ("99993749237498237498237493299999937129873912873981273129842343242399999799995"));
break;
case 512:
n = to_ZZ_p(to_ZZ("9999374923749823749823749329999993712987391287398127312984234324239999979999599993749237498237498237493299999937129873912873981273129842343242399999799995"));
break;
case 1024:
n = to_ZZ_p(to_ZZ("99993749237498237498237493299999937129873912873981273129842343242399999799995999937492374982374982374932999999371298739128739812731298423432423999997999959999374923749823749823749329999993712987391287398127312984234324239999979999599993749237498237498237493299999937129873912873981273129842343242399999799995"));
break;
case 2048:
n = to_ZZ_p(to_ZZ("9999374923749823749823749329999993712987391287398127312984234324239999979999599993749237498237498237493299999937129873912873981273129842343242399999799995999937492374982374982374932999999371298739128739812731298423432423999997999959999374923749823749823749329999993712987391287398127312984234324239999979999599993749237498237498237493299999937129873912873981273129842343242399999799995999937492374982374982374932999999371298739128739812731298423432423999997999959999374923749823749823749329999993712987391287398127312984234324239999979999599993749237498237498237493299999937129873912873981273129842343242399999799995"));
break;
case 4096:
n = to_ZZ_p(to_ZZ("99993749237498237498237493299999937129873912873981273129842343242399999799995999937492374982374982374932999999371298739128739812731298423432423999997999959999374923749823749823749329999993712987391287398127312984234324239999979999599993749237498237498237493299999937129873912873981273129842343242399999799995999937492374982374982374932999999371298739128739812731298423432423999997999959999374923749823749823749329999993712987391287398127312984234324239999979999599993749237498237498237493299999937129873912873981273129842343242399999799995999937492374982374982374932999999371298739128739812731298423432423999997999959999374923749823749823749329999993712987391287398127312984234324239999979999599993749237498237498237493299999937129873912873981273129842343242399999799995999937492374982374982374932999999371298739128739812731298423432423999997999959999374923749823749823749329999993712987391287398127312984234324239999979999599993749237498237498237493299999937129873912873981273129842343242399999799995999937492374982374982374932999999371298739128739812731298423432423999997999959999374923749823749823749329999993712987391287398127312984234324239999979999599993749237498237498237493299999937129873912873981273129842343242399999799995"));
break;
case 8192:
n = to_ZZ_p(to_ZZ("9999374923749823749823749329999993712987391287398127312984234324239999979999599993749237498237498237493299999937129873912873981273129842343242399999799995999937492374982374982374932999999371298739128739812731298423432423999997999959999374923749823749823749329999993712987391287398127312984234324239999979999599993749237498237498237493299999937129873912873981273129842343242399999799995999937492374982374982374932999999371298739128739812731298423432423999997999959999374923749823749823749329999993712987391287398127312984234324239999979999599993749237498237498237493299999937129873912873981273129842343242399999799995999937492374982374982374932999999371298739128739812731298423432423999997999959999374923749823749823749329999993712987391287398127312984234324239999979999599993749237498237498237493299999937129873912873981273129842343242399999799995999937492374982374982374932999999371298739128739812731298423432423999997999959999374923749823749823749329999993712987391287398127312984234324239999979999599993749237498237498237493299999937129873912873981273129842343242399999799995999937492374982374982374932999999371298739128739812731298423432423999997999959999374923749823749823749329999993712987391287398127312984234324239999979999599993749237498237498237493299999937129873912873981273129842343242399999799995999937492374982374982374932999999371298739128739812731298423432423999997999959999374923749823749823749329999993712987391287398127312984234324239999979999599993749237498237498237493299999937129873912873981273129842343242399999799995999937492374982374982374932999999371298739128739812731298423432423999997999959999374923749823749823749329999993712987391287398127312984234324239999979999599993749237498237498237493299999937129873912873981273129842343242399999799995999937492374982374982374932999999371298739128739812731298423432423999997999959999374923749823749823749329999993712987391287398127312984234324239999979999599993749237498237498237493299999937129873912873981273129842343242399999799995999937492374982374982374932999999371298739128739812731298423432423999997999959999374923749823749823749329999993712987391287398127312984234324239999979999599993749237498237498237493299999937129873912873981273129842343242399999799995999937492374982374982374932999999371298739128739812731298423432423999997999959999374923749823749823749329999993712987391287398127312984234324239999979999599993749237498237498237493299999937129873912873981273129842343242399999799995"));
break;
default:
n = to_ZZ_p(to_ZZ("9999999999999999995"));
break;
}
for (int i = 1; i <= m.NumRows(); i++) {
for (int j = 1; j <= m.NumCols(); j++) {
m(i,j) = n;
}
}
}
bool TestToZZBF(){
cout << "TestToZZBF:\t\t\t";
vector<minutia> fingerprint;
minutia next;
next.x = 215; next.y = 63; next.theta = 263; fingerprint.push_back(next);
next.x = 198; next.y = 90; next.theta = 181; fingerprint.push_back(next);
next.x = 80; next.y = 7; next.theta = 50; fingerprint.push_back(next);
next.x = 3; next.y = 0; next.theta = 23; fingerprint.push_back(next);
VaultMethod* method = new VaultBF();
std::set<ZZ> zzs = method->minutiae2ZZ(fingerprint);
if(zzs.count(to_ZZ(26746)) && zzs.count(to_ZZ(24759)) && zzs.count(to_ZZ(10242)) && zzs.count(to_ZZ(0))){
cout << "passed" << endl;
return true;
}
cout << "failed ";
for(std::set<ZZ>::iterator iter=zzs.begin(); iter != zzs.end(); iter++){
cout << (*iter) << " ";
}
cout << endl;
return false;
}
ecash_env() {
int stat = 80;
GroupPrime* cashG = new GroupPrime("bank", 1024, stat*2, stat); // init gen is f
cashG->addNewGenerator(); // this is g
cashG->addNewGenerator(); // this is h
cashG->addNewGenerator(); // this is h1
cashG->addNewGenerator(); // this is h2
GroupRSA* rangeG = new GroupRSA("first", 1024, stat); // first gen is g1
rangeG->addNewGenerator(); // second gen is g2
env.groups["rangeGroup"] = rangeG;
env.groups["cashGroup"] = cashG;
vector<ZZ> secrets;
for (int i=3; i; --i) secrets.push_back(cashG->randomExponent());
env.variables["s"] = secrets[0];
env.variables["t"] = secrets[1];
env.variables["sk_u"] = secrets[2];
env.variables["J"] = to_ZZ(51);
env.variables["W"] = to_ZZ(power(2, 6));
env.variables["zero"] = to_ZZ(0);
}
// Multiply-by-constant
void Ctxt::multByConstant(const ZZ& c)
{
// Special case: if *this is empty then do nothing
if (this->isEmpty()) return;
long cc = rem(c, ptxtSpace); // reduce modulo plaintext space
ZZ tmp = to_ZZ(cc);
// multiply all the parts by this constant
for (size_t i=0; i<parts.size(); i++) parts[i] *= tmp;
if (cc > ptxtSpace/2) cc -= ptxtSpace;
double size = to_double(cc);
noiseVar *= size*size;
}
mat_ZZ getbasis(int n,int seed,double bit=10) {
initialize();
std::ostringstream fname;
fname << getfname(n,seed,bit,0);
mat_ZZ L;
if (FileExists(fname)==true) {
LoadLattice(L,fname.str());
} else {
gen_svpchallenge(L,n,to_ZZ(seed),bit);
#ifdef _allow_cachefiles
SaveLattice(L,fname.str());
#endif
}
return L;
}
// Division by constant
// FIXME: this is not alias friendly
SingleCRT& SingleCRT::operator/=(const ZZ &num)
{
const IndexSet& s = map.getIndexSet();
ZZ pi, n;
for (long i = s.first(); i <= s.last(); i = s.next(i)) {
pi = to_ZZ(context.ithPrime(i));
rem(n,num,pi);
InvMod(n,n,pi); // n = num^{-1} mod pi
vec_ZZ& vp = map[i].rep;
for (long j=0; j<vp.length(); j++) MulMod(vp[j], vp[j], n, pi);
map[i].normalize();
}
return *this;
}
NTL_CLIENT
int main() {
ZZ a=to_ZZ(30),b=to_ZZ(10),p=to_ZZ(83);
ZZ x1=to_ZZ("125566390161800"),x2=to_ZZ("674318834107560"),r=to_ZZ(41);
ifstream ftask("task.txt");
ftask >> a >> b >> p >> r;
cout << (PowerMod(a,x1,p)*PowerMod(b,x2,p))%p << endl;
ftask.close();
return 0;
}
template <typename T> vec_ZZ RandomPoint(LatticeBasis<T>& B,int seed,int dim=0) {
//Generate uniformly random point in the box \prod[-b*i/2,b*i/2]
B.updateGSBasis();
vec_ZZ ret;
ZZ det = LatticeVolumeZZ(B);
if (dim==0) dim = B.dim;
ret.SetLength(dim);
SetSeed(to_ZZ(seed));
for (int i=0;i<dim;i++) {
ret[i] = RandomBnd(det);
}
ret = NearestPlane(ret,B);
return ret;
}
void SingleCRT::addPrimes(const IndexSet& s1)
{
assert(card(s1 & map.getIndexSet()) == 0);
ZZX poly, poly1;
toPoly(poly); // recover in coefficient representation
map.insert(s1); // add new rows to the map
// fill in new rows
for (long i = s1.first(); i <= s1.last(); i = s1.next(i)) {
ZZ pi = to_ZZ(context.ithPrime(i));
poly1 = poly;
PolyRed(poly1,pi,true); // the flag true means reduce to [0,pi-1)
map[i] = poly;
}
}
NTL_CLIENT
int main() {
//основание, степень, модуль, порядок группы
ZZ a,b,p,r;
ifstream ftask("task.txt");
//Вводим исходные данные
ftask >> a >> b >> p >> r;
ftask.close();
ZZ i;
for (i=to_ZZ(0);i<r;i++)
if (PowerMod(a,i,p)==b) {
cout << "x=" << i << endl;
return 0;
}
cout << "NO ANSWER" << endl;
return 0;
}
// Assumes current zz_p modulus is p^r
// computes S = F^{-1} mod G via Hensel lifting
void InvModpr(zz_pX& S, const zz_pX& F, const zz_pX& G, long p, long r)
{
ZZX ff, gg, ss, tt;
ff = to_ZZX(F);
gg = to_ZZX(G);
zz_pBak bak;
bak.save();
zz_p::init(p);
zz_pX f, g, s, t;
f = to_zz_pX(ff);
g = to_zz_pX(gg);
s = InvMod(f, g);
t = (1-s*f)/g;
assert(s*f + t*g == 1);
ss = to_ZZX(s);
tt = to_ZZX(t);
ZZ pk = to_ZZ(1);
for (long k = 1; k < r; k++) {
// lift from p^k to p^{k+1}
pk = pk * p;
assert(divide(ss*ff + tt*gg - 1, pk));
zz_pX d = to_zz_pX( (1 - (ss*ff + tt*gg))/pk );
zz_pX s1, t1;
s1 = (s * d) % g;
t1 = (d-s1*f)/g;
ss = ss + pk*to_ZZX(s1);
tt = tt + pk*to_ZZX(t1);
}
bak.restore();
S = to_zz_pX(ss);
assert((S*F) % G == 1);
}
