89 lines
2.7 KiB
Plaintext
89 lines
2.7 KiB
Plaintext
Schoof-Elkies-Atkin-Mueller program for counting points on a GF(p) elliptic
|
|
curve y^2=x^3+Ax+B mod p.
|
|
|
|
Precompiled Windows executables of these programs may be downloaded from
|
|
ftp://ftp.compapp.dcu.ie/pub/crypto
|
|
|
|
To build the mueller/process/sea applications, you must compile and link the
|
|
modules together, with MIRACL C++ classes , and with the MIRACL library.
|
|
|
|
So for MS C++
|
|
|
|
cl /c /O2 /GX ps_big.cpp
|
|
cl /c /O2 /GX big.cpp
|
|
cl /c /O2 /GX mueller.cpp
|
|
link mueller.obj ps_big.obj big.obj miracl.lib
|
|
|
|
cl /c /O2 /GX process.cpp
|
|
link process.obj big.obj miracl.lib
|
|
|
|
cl /c /O2 /GX modpol.cpp
|
|
cl /c /O2 /GX ps_zzn.cpp
|
|
cl /c /O2 /GX zzn.cpp
|
|
link modpol.obj ps_zzn.obj zzn.obj big.obj miracl.lib
|
|
|
|
cl /c /O2 /GX sea.cpp
|
|
cl /c /O2 /GX poly.cpp
|
|
cl /c /O2 /GX polymod.cpp
|
|
cl /c /O2 /GX polyxy.cpp
|
|
cl /c /O2 /GX ecn.cpp
|
|
cl /c /O2 /GX crt.cpp
|
|
link sea.obj poly.obj polymod.obj polyxy.obj big.obj zzn.obj ecn.obj
|
|
crt.obj miracl.lib
|
|
|
|
For Linux GCC
|
|
|
|
g++ -I. -c -O2 ps_big.cpp
|
|
g++ -I. -c -O2 big.cpp
|
|
g++ -I. mueller.cpp ps_big.o big.o miracl.a -o mueller
|
|
|
|
etc.
|
|
|
|
|
|
Note that the headers ps_big.h, ps_zzn.h, poly.h, polymod.h and polyxy.h are
|
|
assumed to be in the local directiory
|
|
|
|
|
|
Instructions for use
|
|
|
|
First run the utility "mueller" to build up a collection of Modular
|
|
Polynomials. This needs to be done once only - ever, but you can from time
|
|
augment your collection of Polynomials by running it again. Its quite time
|
|
consuming, but in less than an hour you should have enough to get started. The
|
|
more you have, the bigger the prime modulus that you can use.
|
|
|
|
Then run the utility "process" to process the raw polynomial file with
|
|
respect to your chosen prime modulus. This need to be done just once for
|
|
every prime modulus of interest to you. This takes only a few minutes at
|
|
most.
|
|
|
|
Alternatively use "modpol", which is a composite of "mueller" and "process".
|
|
This may be better if you have difficulty running the memory hungry "mueller"
|
|
|
|
Finally run this program "sea" specifying the A and B parameters of the
|
|
particular curve. This program can also search through many curves for
|
|
a curve ideal for cryptographic use (with a prime number of points).
|
|
|
|
For example try:-
|
|
|
|
mueller 0 120 -o mueller.raw
|
|
process -f 65112*2#144-1 -i mueller.raw -o test160.pol
|
|
sea -3 49 -i test160.pol
|
|
|
|
or
|
|
|
|
modpol -f 65112*2#144-1 0 120 -o test160.pol
|
|
sea -3 49 -i test160.pol
|
|
|
|
(In Unix, use . and ^ instead of * and #)
|
|
|
|
When using the "sea" program, the -s option is particularly useful
|
|
and allows automatic search for an "ideal" curve. If a curve order is
|
|
exactly divisible by a small prime, that curve is immediately abandoned,
|
|
and the program moves on to the next, incrementing the B parameter of
|
|
the curve.
|
|
|
|
|
|
For more information, see the comments at the head of the source file sea.cpp
|
|
|