PFC curve order and modulus

[dminuoso]

Hello,

after creating a PFC

#include <stdio.h>
#define MR_PAIRING_BN
#include "pairing_3.h"
int main() {
  PFC curve(128);
  std::cout << curve.order() << std::endl;
  std::cout << get_modulus() << std::endl;
}

I get 2523648240000001BA344D8000000007FF9F800000000010A10000000000000D 2523648240000001BA344D80000000086121000000000013A700000000000013

First why is there a difference between the configured modulo and group order?

When I manually set the modulo modulo(curve.order()) my pairings end up not being on GT.

Can someone help me shed some light on this?

[mcarrickscott]

On a BN curve the group order and the modulus are different. In fact in almost all cases of number theoretic cryptography, the field and the group are different.

For a BN curve the modulus is given by the formula

36x^4+36x^3+24x^2+6x+1

and the group order by the different formula

36x^4+36x^3+18x^2+6x+1

So the short answer is that they are different because they are supposed to be different.

Mike

On Mon, May 1, 2017 at 11:38 AM, dminuoso notifications@github.com wrote:

After creating a PFC

include

define MR_PAIRING_BN

include "pairing_3.h"

int main() { PFC curve(128); std::cout << curve.order() << std::endl; std::cout << get_modulus() << std::endl; }

I get 2523648240000001BA344D8000000007FF9F800000000010A10000000000000D 2523648240000001BA344D80000000086121000000000013A700000000000013

First why is there a difference between the configured modulus and group order?

When I manually set the modulus modulus(curve.order()) my pairings end up not being on GT.

Can someone help me shed some light on this?

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/miracl/MIRACL/issues/47, or mute the thread https://github.com/notifications/unsubscribe-auth/ACm8jpTQfi_Wnx5IUlxc2-WC2WGA9yVDks5r1bY6gaJpZM4NM92u .

[dminuoso]

Oh it just clicked. Thank you for clearing that up.