Processing math: 100%

First time here? Check out the FAQ!

Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

answered 6 years ago

dan_fulea gravatar image

Let us consider only the lines of code, that introduce The polynomial ring R=F2[x] in the indeterminate x, then the field F=F2(a)=F2[x]/(x113+x9+1), then some very special elliptic curve E over F. It is well known that computing the order of an elliptic curve over some large field is time consuming. So the line computing the order E.order() takes too much time. (Please state the question clearly next time. It is also a good practice to introduce only variables and imports that matter for the issue. Providing "clean code" is a big help for potential helpers.)

R.<x> = GF(2)[]

F.<a> = GF(2^113, modulus=x^113+x^9+1)
A = F.fetch_int( 0x003088250CA6E7C7FE649CE85820F7 )
B = F.fetch_int( 0x00E8BEE4D3E2260744188BE0E9C723 )

E = EllipticCurve(F, (1,A,0,0,B))
G = E.random_point()
# n = E.order()    # takes a looong time...

(Note: The question should be part of the text, not part of the title (only).)

The problem with the "scalar multiplication" does not exist. Of course, we do not have the n, and also do not need it for the scalar multiplication issue. Instead, let us take for K some random integer from 1 to 2113.

# K = randint(1,n-1)    # we do not have n...
K = randint( 1, 2^113 )
print K
print G
print K*G

And this time i've got a mess of the shape:

5495233727832544069405938042720667
(a^112 + a^111 + a^110 + a^108 + a^105 + a^98 + a^96 + a^94 + a^92 + a^91 + a^89 + a^88 + a^86 + a^85 + a^83 + a^80 + a^79 + a^77 + a^74 + a^72 + a^71 + a^69 + a^68 + a^67 + a^66 + a^65 + a^60 + a^58 + a^57 + a^55 + a^54 + a^53 + a^52 + a^51 + a^50 + a^48 + a^46 + a^45 + a^44 + a^41 + a^40 + a^39 + a^38 + a^37 + a^35 + a^34 + a^33 + a^28 + a^27 + a^26 + a^25 + a^23 + a^22 + a^18 + a^17 + a^16 + a^12 + a^11 + a^10 + a^8 + a^6 + a^2 + a : a^112 + a^110 + a^107 + a^106 + a^104 + a^102 + a^101 + a^100 + a^96 + a^93 + a^92 + a^91 + a^86 + a^84 + a^83 + a^81 + a^79 + a^78 + a^76 + a^75 + a^74 + a^73 + a^72 + a^67 + a^65 + a^64 + a^54 + a^52 + a^51 + a^47 + a^46 + a^44 + a^43 + a^42 + a^38 + a^36 + a^33 + a^32 + a^28 + a^27 + a^23 + a^22 + a^21 + a^17 + a^13 + a^12 + a^11 + a^10 + a^9 + a^8 + a^7 + a^6 + a^5 + a^4 + a^2 + a + 1 : 1)
(a^112 + a^110 + a^109 + a^108 + a^104 + a^101 + a^98 + a^96 + a^95 + a^93 + a^92 + a^91 + a^89 + a^84 + a^82 + a^80 + a^73 + a^69 + a^67 + a^63 + a^61 + a^58 + a^54 + a^53 + a^52 + a^50 + a^48 + a^47 + a^46 + a^45 + a^43 + a^42 + a^39 + a^38 + a^37 + a^35 + a^33 + a^31 + a^28 + a^22 + a^21 + a^19 + a^18 + a^17 + a^16 + a^13 + a^9 + a^8 + a^7 + a^5 + a^4 + a^3 : a^109 + a^106 + a^105 + a^104 + a^103 + a^98 + a^96 + a^95 + a^94 + a^93 + a^91 + a^89 + a^87 + a^86 + a^85 + a^82 + a^81 + a^80 + a^78 + a^76 + a^75 + a^74 + a^73 + a^68 + a^67 + a^65 + a^64 + a^63 + a^61 + a^60 + a^58 + a^56 + a^53 + a^52 + a^51 + a^50 + a^48 + a^46 + a^42 + a^41 + a^40 + a^39 + a^38 + a^37 + a^33 + a^31 + a^29 + a^28 + a^27 + a^24 + a^23 + a^22 + a^20 + a^17 + a^16 + a^15 + a^11 + a^10 + a^9 + a^7 + a^5 + a^4 + a^3 + a^2 + a + 1 : 1)

Note: Please try next time(s) to provide code in a "minimal situation" that produces the same error.

click to hide/show revision 2
No.2 Revision

updated 6 years ago

Let us consider only the needed lines of code, that so we introduce The

  • the polynomial ring R=F2[x] in the indeterminate x,
  • then the field F=F2(a)=F2[x]/(x113+x9+1),
  • then some very special elliptic curve E over F. F.

It is well known that computing the order of an elliptic curve over some large field is time consuming. So the line computing the order 

E.order()E.order()

takes too much time. (Please state the question clearly next time. It is also a good practice to introduce only variables and imports that matter for the issue. Providing "clean code" is a big help for potential helpers.)

R.<x> = GF(2)[]

F.<a> = GF(2^113, modulus=x^113+x^9+1)
A = F.fetch_int( 0x003088250CA6E7C7FE649CE85820F7 )
B = F.fetch_int( 0x00E8BEE4D3E2260744188BE0E9C723 )

E = EllipticCurve(F, (1,A,0,0,B))
G = E.random_point()
# n = E.order()    # takes a looong time...

(Note: The question should be part of the text, not part of the title (only).)

The problem with the "scalar multiplication" does not exist. Of course, we do not have the n, and also do not need it for the scalar multiplication issue. Instead, let us take for K some random integer from 1 to 2113.

# K = randint(1,n-1)    # we do not have n...
K = randint( 1, 2^113 )
print K
print G
print K*G

And this time i've got a mess of the shape:

5495233727832544069405938042720667
(a^112 + a^111 + a^110 + a^108 + a^105 + a^98 + a^96 + a^94 + a^92 + a^91 + a^89 + a^88 + a^86 + a^85 + a^83 + a^80 + a^79 + a^77 + a^74 + a^72 + a^71 + a^69 + a^68 + a^67 + a^66 + a^65 + a^60 + a^58 + a^57 + a^55 + a^54 + a^53 + a^52 + a^51 + a^50 + a^48 + a^46 + a^45 + a^44 + a^41 + a^40 + a^39 + a^38 + a^37 + a^35 + a^34 + a^33 + a^28 + a^27 + a^26 + a^25 + a^23 + a^22 + a^18 + a^17 + a^16 + a^12 + a^11 + a^10 + a^8 + a^6 + a^2 + a : a^112 + a^110 + a^107 + a^106 + a^104 + a^102 + a^101 + a^100 + a^96 + a^93 + a^92 + a^91 + a^86 + a^84 + a^83 + a^81 + a^79 + a^78 + a^76 + a^75 + a^74 + a^73 + a^72 + a^67 + a^65 + a^64 + a^54 + a^52 + a^51 + a^47 + a^46 + a^44 + a^43 + a^42 + a^38 + a^36 + a^33 + a^32 + a^28 + a^27 + a^23 + a^22 + a^21 + a^17 + a^13 + a^12 + a^11 + a^10 + a^9 + a^8 + a^7 + a^6 + a^5 + a^4 + a^2 + a + 1 : 1)
(a^112 + a^110 + a^109 + a^108 + a^104 + a^101 + a^98 + a^96 + a^95 + a^93 + a^92 + a^91 + a^89 + a^84 + a^82 + a^80 + a^73 + a^69 + a^67 + a^63 + a^61 + a^58 + a^54 + a^53 + a^52 + a^50 + a^48 + a^47 + a^46 + a^45 + a^43 + a^42 + a^39 + a^38 + a^37 + a^35 + a^33 + a^31 + a^28 + a^22 + a^21 + a^19 + a^18 + a^17 + a^16 + a^13 + a^9 + a^8 + a^7 + a^5 + a^4 + a^3 : a^109 + a^106 + a^105 + a^104 + a^103 + a^98 + a^96 + a^95 + a^94 + a^93 + a^91 + a^89 + a^87 + a^86 + a^85 + a^82 + a^81 + a^80 + a^78 + a^76 + a^75 + a^74 + a^73 + a^68 + a^67 + a^65 + a^64 + a^63 + a^61 + a^60 + a^58 + a^56 + a^53 + a^52 + a^51 + a^50 + a^48 + a^46 + a^42 + a^41 + a^40 + a^39 + a^38 + a^37 + a^33 + a^31 + a^29 + a^28 + a^27 + a^24 + a^23 + a^22 + a^20 + a^17 + a^16 + a^15 + a^11 + a^10 + a^9 + a^7 + a^5 + a^4 + a^3 + a^2 + a + 1 : 1)

Note: Please try next time(s) to provide code in a "minimal situation" that produces the same error.

Copyright Sage, 2010. Some rights reserved under creative commons license. Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service
Powered by Askbot version 0.7.59