search

J08nY / ecgen

Tool for generating Elliptic curve domain parameters
https://neuromancer.sk/page/ecgen
GNU General Public License v2.0
109 stars 21 forks source link

NUMS curves #20

Closed thomasb9511 closed 1 year ago

thomasb9511 commented 1 year ago

Is it possible to incorporate the formulas specified in the NUMS specification? The specified formulas can be found at the following sources:

IETF Draft: https://datatracker.ietf.org/doc/html/draft-black-numscurves-02
Research Paper: https://eprint.iacr.org/2014/130.pdf

I'm currently conducting research, and the process of determining the value of b for a pseudo Mersenne prime is computationally demanding.

J08nY commented 1 year ago

Hey @thomasb9511 is there an actual algorithm for curve generation given in the NUMS paper? I remember that it only listed general conditions but not a rigorous algorithm like SECG/NIST or Brainpool curves have.

I mean something like this from SEC1v2: image

thomasb9511 commented 1 year ago

Thanks, for getting back to me.

https://datatracker.ietf.org/doc/html/draft-black-numscurves-02#appendix-A ? and https://dissect.crocs.fi.muni.cz/standards/nums are best I could find.

Picking the generator points is:

Input: a prime p, and a Weierstrass curve parameter b Output: a generator point P = (x(P), y(P)) of order rb

  1. Set x = 1
  2. while ((x^3 - 3 * x + b) is not a quadratic residue modulo p) do x = x + 1 end while
  3. Compute an integer s, 0 < s < p, such that s^2 = x^3 - 3 * x + b mod p
  4. Set y = min(s, p - s)
  5. Output P = (x, y)